I have WPF app and Web browser control in it. I am opening a web page which is a php application.
I need to pass my machine credential's to the php application.
The Web browser control opens a [http://app/login.php]. The user has logged onto the machine with his domain credential's. The PHP website uses windows authentication..
Both the WPF application and php site are internal application(i.e. same domain)
You have a CakePHP application and a login.php? Then there is something seriously wrong with it.
You need to get your current logged in users identity and pass that on to the php application.
See Using windows authentication with php?
If you're using CakePHP 2.0 you might find an LDAP adapter for the AuthComponent. I guess you can use google to find more, I don't know if this one here is any good or not http://www.analogrithems.com/rant/2012/01/03/cakephp-2-0-ldapauth/
My answer covers the CakePHP part
Best practice would be to communicate using REST, between your wpf and cakephp. CakePHP provides a very easy way to connect your actions via REST. You will have to connect your authentication method using the REST.
Cake's documentation has a nice section on REST from CakePHP.
Related
I'm planning on creating a multi-page web app using Laravel as a back-end REST API and a Vue.js front-end to consume this API.
To be clear up front, I'm not interested in code snippets of exactly how to set this up, unless some will help visualize the architecture.
What I would like to know is how this 'Split-Stack' can be deployed in a completely separated manner. I.E. neither stack shares a codebase, and are stored in completely independent repositories.
I'm not very familiar with JavaScript frameworks beyond jQuery, so I think my lack of understanding lies mainly in the Vue.js department. Some questions which stand out in particular are:
Can a Vue.js application be hosted by a web server to serve static HTML files, if so, which one is compatible?
Can both the front and back end services run on the same server, on different ports for example, and what would be any best practices for this?
And how is login authentication affected by running a web app in this way, and should I be looking into creating some kind of OAuth authentication between the front and back ends?
After reading many blog posts, it is obvious that this architecture is possible, but I'm struggling to find details on how exactly this is configured to be completely separate.
The tools and technologies don't necessarily matter here, but any specifics for Vue.js and Laravel are appreciated.
I have a VueJS Front-End set up with an ExpressJS Back-End, which is very similar to what you are talking about. And yes, it is entirely possible. So let's take a look at each of your questions individually.
Can a Vue.js application be hosted by a web server to serve static HTML files, if so, which one is compatible?
Yes, when you run VueJS, you can either build it as a static application or serve it as a NodeJS Application.
See the Deployment section of the Vue CLI 3 documentation here. It explains how the /dist directory is used to serve the VueJS Application in the manner you are intending to.
Can both the front and back end services run on the same server, on different ports for example, and what would be any best practices for this?
I recently posted an example of how to host both your Front-End and API on the same server here. (Includes Coding Examples and Explanation). This answer references ExpressJS as the API, but the principles are the same. Really, just have your Front-End listening on port 80 and have your API operating on a different, unused port (ie: 8081).
And how is login authentication affected by running a web app in this way, and should I be looking into creating some kind of OAuth authentication between the front and back ends?
I handle all authentication on the back end. Basically, in the Vue Router, you can set a secure parameter. Then declare a router.beforeEach((to,from,next) => {}); call towards the end. This call should then check to see if the user has a valid login token and redirect them to the applications login page after setting a cookie with the URL the user was asked to login from so that they can be sent back to it after logging in.
In our case, we have the user redirected to the VueJS Route /saml/login. The /saml/login component. This component makes a call to the API and returns the address the user should be redirected to to login. In our case, it is the API (which is running on the same server, but a different port [see answer above]), www.example.com:8081/api/v1/saml_login. This then works with the IDP and receives the token and user data. This is also where you would perform you ACS functions (provisioning the user, updating the login time or user data, etc.) After receiving the token, it is placed into a cookie or other placeholder so that it can be used to validate against the token stored in the Database when the user was validated initially. (It is a best practice to set expiration's on your tokens). The user is then redirected to the url stored in the cookie that lets us know where they were asked to sign in from so they can view their content without having to look for it again. (Happy to share code on this if you want)
I think using Firebase or Auth0 Authentication is one of the best ways to do this. Firebase or Auth0 will take care of all the authentication for you and allow your backend to verify the authenticity of your front end. So that makes it much easer to separate the two.
There is an admin SDK for connecting Laravel to Firebase and there are templates and existing authentication SDK's for Vue. There are a few articles which sort of describe it but I haven't seen anything that pieces it all together yet. I was able to figure it out from 2 or 3 different articles and it ended up being easier than I thought it would be.
I'm building a mobile project that needs to be in constant communication with a server and i need some information . I know how to build local apps but this is the first time that i'm building an app that requires external call to a server / authentication service .
I'm asking for guidance how to proceed and which services/servers to use.
What type of server/database do i need ?
I'm guessing i will be requiring an API service but no idea how to choose/make one.
I want to use azure services/database but i also don't want to be dependent on it. I want to have my own url that i send request to and interact with a server/db that i can later move to another host fairly easily.
I develop websites mostly and i'm familiar with php/laravel + Mysql but i think in this case it will be overkill to create a laravel app simply for the server backend .
The app will be mobile only so i don't expect to have a webpage for it . simply an external server/database where the data will be saved.
First i need an authentication service - where each user will register on the phone which will then be saved in my external server/database . Then when they need to login - they will input the login details on the phone , which will query the esternal server/database and if validated - get their details from the server.
First, you need to decide which kind of server communication you'll need. it's in real time and constant? then you'll need a websocket. It's in bursts when you need to send or get data? then you'll need some kind of webservice (REST, RPC, SOAP). Then you have to evaluate the user load you'll have. And finally, the human resources you'll have.
Based on your question, I think a REST webservice will be more than enough. You may:
-Create a REST service for every group of related resources. Example: the /user URL should handle the signup, login, logout and user update operations.
-Create a method for each one of those operations and handle them. Then, call the method from the REST service class.
-Depending on the amount of users and the technology you're using, create a server to handle the requests, or upload your REST project to a server (tomcat, for example).
-Create an app and consume the REST services from there.
There are tons of tech you can choose for these things. PHP allows creating REST services, I think. Java is a very good choice too, since you can use the same code in both server and android apps. Node.Js is pretty popular, too, since you don't need servers and uses NIO (althought java can do both things using jetty and also has multithreading); golang and scala both have superb performance (golang is a lot more easier to learn, though, and it has no need to use external webservers).
Hope this helps.
For mobile applications the best will be REST (representational state transfer),becouse is lightweight and flex to use in other technology. I had project which include REST and mobile app and web app and it working very well.
In this scenario, we usually will build a REST API service for client end. As you are familiar with Laravel, you can refer to http://www.programmableweb.com/news/how-to-build-restful-apis-using-php-and-laravel/how-to/2014/08/13#apiu for how to build a REST API service with Laravel. Also you can leverage other light 3rd part PHP frameworks to build REST API service.
You can create and develop the application on local and then deploy to Azure Web Apps. Please refer to https://azure.microsoft.com/en-us/documentation/articles/app-service-web-php-get-started/ for more info.
And there several vendors provide MySQL services on Azure. ClearDB is a BaaS on Azure for MySQL. You also can use the VM to host your MySQL Service. E.G. MySQL by Bitnami and MySQL by Docker.
How to connect identityServer3 to php application. I have application in asp.net MVC which is using IDS3 now i need to connect php client app with SSO integration base on IDS3.
I think this is less a question about IdentityServer3, and more a question of what OpenID Connect libraries are recommended for PHP.
http://openid.net/developers/libraries/
The OpenID web site lists three OIDC libraries for relying parties - the right one to choose depends on your web server (nginx, Apache) and application stack (e.g. Drupal).
Recommend you try the most lightweight first and see if it supports what you need.
https://github.com/jumbojett/OpenID-Connect-PHP
I am implementing same type of auth but get client secret validator error, do you have any docs? I m using openid-oauth2 library
I have created an application writing in php language. Now,i need develop new .net application using same login database. What i want is after end user login by the php application and click a link to my .net new application without re-sign in again. Any Idea or suggestion??
Why not implement WIF on the .net side and SimpleSAML in the PHP solution? Federated security with the WIF framework using the SAML protocol should work. What's better is SAML is an open standard so a lot of resources out there.
To get you started:
Windows Identity Foundation (WIF) https://msdn.microsoft.com/en-za/library/ee748475.aspx
SimpleSAML https://simplesamlphp.org/
EDIT: I'm recommending the above because you cannot share cookies cross domain and you shouldn't really be trying to roll your own security where possible. You can also look at OAuth2 http://openid.net/connect/.
It seems WIF can also support OAuth2 with extensions https://blogs.msdn.microsoft.com/alikl/2011/03/03/running-windows-identity-foundation-wif-extensions-for-oauth-2-0-sample/
I have an app that uses ember-simple-auth for Google authentication. All requests to my PHP backend are authorized with a Google access token, which the backend checks with Google before doing anything else. I understand ember-simple-auth has a testing package, but how would I go about testing this app?
The backend is a part of the app's repository, under app/api/.
An approach would be to customise the PHP code depending on the environment (importing config/environment.js), but it's on the backend and it's written in PHP.
You don't want your ember cli tests to depend on the backend so you can simply use ember-simple-auth-testing which will give you a readily authenticated session without interacting with the server at all.