如何在servlet上验证wordpress用户?
[英]How to verify a wordpress user at a servlet?
问题描述
I'd like to embed an ajax application into a wordpress site. 
我想将ajax应用程序嵌入到wordpress网站中。 The ajax application will communicate with servlets running on tomcat. Ajax应用程序将与在tomcat上运行的servlet进行通信。 Now the servlets need a way to verify if a request originates from a user that is logged in to wordpress. 现在,Servlet需要一种方法来验证请求是否源自登录到wordpress的用户。 How does this commonly get solved? 通常如何解决?
AFAIK, wordpress is stateless and does not use sessions, which makes me curious how a logged in user in wordpress can be tracked. AFAIK,wordpress是无状态的,并且不使用会话,这使我很好奇如何跟踪wordpress中已登录的用户。 The second problem is, how can a servlet request wordpress to verify if a given user is still logged in? 第二个问题是,servlet如何请求wordpress来验证给定用户是否仍在登录?
Any advice is welcome, Thank you. 欢迎任何意见,谢谢。
1 个解决方案
解决方案1
0 2012-01-16 21:41:45
The only thing that you can do is read the cookies. 您唯一可以做的就是读取cookie。 And that will work only if you are using the same domain (or subdomain and the cookies are valid for all subdomains). 仅当您使用相同的域(或子域,并且cookie对所有子域均有效)时,该方法才有效。 The session cookie might not give you sufficient information, however. 但是,会话cookie可能无法为您提供足够的信息。 You can't read a PHP session from a Java app, and generally, you can't mix two applications that way. 您无法从Java应用程序读取PHP会话,并且通常不能以这种方式混合使用两个应用程序。
As a little workaround, you can check with javascript who is the currently logged user (by finding the username in the DOM), and send that with ajax, but that is not secure at all. 作为一个小的解决方法,您可以使用javascript检查当前登录的用户(通过在DOM中找到用户名),并使用ajax发送该用户名,但这一点都不安全。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.