symfony - REST API and client on same server, need API authentication? -

-

first, let me describe application: working on web-based software kind of custom desk application. requires user login (we use fosuserbundle). after login user redirected dashboard. dashboard there no more page reload, frontend build on angularjs , user can anywhere within application without page reload. speak of single page application.

so data presented user, fetched rest api (we use fosrestbundle). works quite @ point.

there kind of dilemma. our staff access application (for now). staff member needs login access helpdesk. data pushed frontend via angularjs called via api, user has logged in needs authenticate again on every request because of rest.

problem: since backend runs on symfony2 let try user object of logged in user when api call made:

$this->get('security.context')->gettoken()->getuser()

returns anon. stands anonymous, or

$this->getuser();

returns null.

so authenticated context seems gone when using rest api. when call action directly without rest, can user information.

so need secure our rest api , user information on every api call. don't want third party people access our application, staff. not familar oauth, user redirected third party page allow/deny access data? not option us.

based on information, have suggestions or ideas how secure api , transport user data getuser not return null or anon. actuall logged in user?

there's way resolve problem.

it's using certificates. can generate certificates use http tunneling (https obviousley), server ask certificate (you've configure apache it's not big challenge).

with in place, you've add certificatemanageron server side ensure certificate valid , know who's calling service (to able authenticate user @ each request), certificatemanager(or ever you'll call it) have configured within filters chaine (as known in java world), et voilĂ 

hop you, abderrazak


Popular posts from this blog

How to calculate SNR of signals in MATLAB? -

-
i've encountered simple, yet fundamental problem on calculating snr: there several signals : s1 = original , pure clean signal without noise. n1 = white gaussian noise going added s1. s2 = s1 + n1 (the noisy signal before performing noise-reduction algorithm) s3 = noise-reduced signal (after performing noise reduction algorithm) n2 = s3 - s1 (the amount of noise after performing noise-reduction algorithm) now want compare snr before , after performing noise-reduction algorithm. which signals should consider snr_before!? s1/n1 or s2/n1 ? which signals should consider snr_after!? s3/n1 or s3/n2 ? which commands or functions should use in matlab in order compute snr_before , snr_after? thanks billion putting time on helping me. what know calculating snr before : snrbeforenoise = mean( signal .^ 2 ) / mean( noise .^ 2 ); and snr after : residual_noise = signal - noise_reduced_signal; snr_after = mean( signal .^ 2 ) / mean( residual_noise .^ 2
Read more

c# - Attempting to upload to FTP: System.Net.WebException: System error -

-
i have api takes in xml , uploads files based on information in xml. uploads on schedule (also xml), , have tested surrounding , know works. i getting error 40% of time on first file attempt upload in each time cycle (time cycle = 45 minutes files, 30 minutes others). here code upload: try { loggerftp.log("uploading file: " + filename, false); // create request. ftpwebrequest request = (ftpwebrequest)webrequest.create(appsettingsftp.ftpurl + @"/" + filename); request.method = webrequestmethods.ftp.uploadfile; request.timeout = 6000000; //set 100 minutes //request.timeout = -1; //set infinite // add login credentials. request.credentials = new networkcredential(appsettingsftp.ftplogin, appsettingsftp.ftppassword); // grab file contents. streamreader sourcestream = new streamreader(appsettingsftp.uploadfiledirectory + filename); byte[] filecontents = encoding.utf8.getbytes(sourcestream.readtoend()); sourcest
Read more

ios - UISlider customization: how to properly add shadow to custom knob image -

-
Image
i need place custom knob image shadow uislider. far have image of 38x38, of there region defines shadow of knob. now while using image, when slide knob extreme ends actual knob not able cover end points, hence end points visible under transparent region of knob image this code using customize uislider uiimage *slidebtimg = [uiimage imagenamed:sliderknobimg]; [self.ratingslider setthumbimage:slidebtimg forstate:uicontrolstatenormal]; [self.ratingslider setthumbimage:slidebtimg forstate:uicontrolstatehighlighted]; how can implement custom knob shadow beneath it, covering end points?? look inside uislider.h , there methods let customize slider knob , track needed. (ios 2.0 , above) // lets subclass lay out track , thumb needed - (cgrect)minimumvalueimagerectforbounds:(cgrect)bounds; - (cgrect)maximumvalueimagerectforbounds:(cgrect)bounds; - (cgrect)trackrectforbounds:(cgrect)bounds; - (cgrect)thumbrectforbounds:(cgrect)bounds trackrect:(cgrect)rect value:
Read more