堆栈内存溢出
  简体   繁体   English

在php和Ruby On Rails应用程序之间传递身份验证

[英]Pass authentication between php and Ruby On Rails application

 原文  2010-05-04 10:35:10       php/ ruby-on-rails/ authentication

问题描述

I have a simple Ruby on rails application that I want to integrate with an existing php website. 我有一个简单的Ruby on rails应用程序,我想与现有的php网站集成。 I only want that users who's been authenticated by the php application would have access to my Ruby on Rails application (it should appear to the user as the same website, in the same domain, though it can be a different sub-domain if I chose to) What's the best way to do that? 我只希望通过php应用程序进行身份验证的用户可以访问我的Ruby on Rails应用程序(它应该在用户看来是同一个网站,在同一个域中,尽管如果我选择它可以是一个不同的子域to)最好的方法是什么?

Thanks for the help, 谢谢您的帮助,

Li

2 个解决方案

解决方案1
 3  2010-05-04 10:50:52

The most common way to keep a user logged in is to store something like current_user_id:777 in the user's session. 保持用户登录的最常用方法是在用户会话中存储类似current_user_id:777的内容。 Therefore, the easyest way is to share the session between the Rails app and the PHP app. 因此,最简单的方法是在Rails应用程序和PHP应用程序之间共享会话。 Then, you must use the same convention to store the identity of a logged in user. 然后,您必须使用相同的约定来存储登录用户的标识。

A way to do this is to use memcached as the session support. 一种方法是使用memcached作为会话支持。

Problems with this approach: you could set/read the same session variable in the same time from both apps (but it can be avoided). 此方法存在问题:您可以在两个应用程序中同时设置/读取相同的会话变量(但可以避免)。

References: 参考文献:

Storing your php sessions using memcached 使用memcached存储您的php会话

Usind memcache as rails session store Usind memcache作为rails会话存储

解决方案2
 2  2010-05-04 10:45:50

The easiest way is to make use of cookies. 最简单的方法是使用cookie。 In the PHP application, this cookie gets set, and the RoR application can read it's value. 在PHP应用程序中,此cookie已设置,RoR应用程序可以读取它的值。

But with cookies you'll have to watch out for security, because the contents of the cookie can be set manually, and cookies can also be copied, which allows for stealing another persons cookie. 但是对于cookie,你必须注意安全性,因为cookie的内容可以手动设置,也可以复制cookie,这样就可以窃取其他人的cookie。

Another option could be a session which is stored in a database both applications can make use of. 另一种选择可以是存储在应用程序可以使用的数据库中的会话。 The advantage of this option is that the contents of the session is stored on the server, and it can't be altered. 此选项的优点是会话的内容存储在服务器上,并且无法更改。 The only thing you would have to handle is to identify the user belonging to the cookie. 您唯一需要处理的是识别属于cookie的用户。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 将Ruby / Rails应用程序移植到PHP 5 - Port a Ruby/Rails application to PHP 5 如何将身份验证凭据从WPF应用程序传递到php应用程序 - How to pass authentication credientials to php application from a WPF app 是否可以在PHP部分和网站的Rails部分之间进行身份验证? - Is Authentication between a PHP section and a Rails Section of a website possible? 将PHP转换为Ruby(On Rails) - Convert PHP to Ruby (On Rails) Ruby on Rails或PHP框架 - Ruby on Rails or a PHP framework PHP包含在Ruby on Rails中? - PHP Includes in Ruby on Rails? Ruby on Rails转换为PHP CodeIgniter - Ruby on Rails to PHP CodeIgniter phonegap和php之间的身份验证 - authentication between phonegap and php Dojo / PHP应用程序中的身份验证 - Authentication in a Dojo / PHP application PHP curl头通过认证 - php curl header pass authentication
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM