4

I have a Zend Framework application whose sole purpose is to serve as an XmlRpc / JSONRPC server.

I've mostly followed the philosophy from this guide for my implementation method. I overrode my Bootstrap's run() method to run a Zend_XmlRpc_Server object and attach the API classes to it.

I want to authenticate any XML-RPC method that gets ran with an "API key" I have stored in a database table. If I had a traditional MVC ZF setup, I would use a controller plugin to automatically take care of the authentication, but I don't have that option. My only solution right now is manually insert code into each API method to check for authentication.

Any thoughts on a more pragmatic way to solve this issue? I'd prefer not to have a bunch of repeated code at the top of every method.

Charles
  • 50,943
  • 13
  • 104
  • 142
Andy Baird
  • 6,088
  • 4
  • 43
  • 63

1 Answers1

2

several ways to solve the q

  1. easiest create in Bootstrap Reqest Object manually and check headers

    protected function _initModifiedFrontController()
{
    $this->bootstrap('FrontController');
    $front = $this->getResource('FrontController');

    $request = new Zend_Controller_Request_Http();

    $response = new Zend_Controller_Response_Http();
    $response->setHeader('Content-Type','text/html; charset=UTF-8', true);
    $front->setResponse($response);
    $front->setRequest($request);

    if ($request->isXmlHttpRequest()) {
        $authAdapter = new Zend_Auth_Adapter_DbTable(
            $dbAdapter,
            'users',
            'username',
            'password'
        );

        // ...or configure the instance with setter methods
        $authAdapter = new Zend_Auth_Adapter_DbTable($dbAdapter);

        $authAdapter
            ->setTableName('users')
            ->setIdentityColumn('username')
            ->setCredentialColumn('password')
        ;

    }
}

Read manual Zend_Auth. this is a "zend way".

or u can write custom AuthAdaper.it's easy :)

UPDATE 1:

Read this carefully

SMka
  • 3,021
  • 18
  • 14
  • Thanks - I didn't quite use the frontcontroller method you used, but it got me thinking in the right direction. Your link was also very useful. Thank you. – Andy Baird Dec 21 '09 at 21:01