Take for instance Yahoo Mail or Twitter. When someone signs up to use their service, they'll need to automatically deploy a new database, application folder and so on - I assume!
I am planning to write an PHP application to let people add and edit invoices. Good examples would be Zoho Invoice, http://www.getballpark.com/, etc. They sure would be deploying microsites for each customer wouldn't they?
How do you do this? Would it be PHP that will handle it, or some Linux based thing.
Or if I am wrong, correct me. Maybe they have just one huge database and manage their signups from one single application.
Please guide.
Well most applications don't do that. Just imagine Twitter will have to deploy the whole Ruby on Rails Twitter application or the whole Yahoo Mail Server System for every single User.
You only choose the solution you suggest if users really need to customize their app (like plugging in own modules or change core functionality). Usually a (more or less) simple User, user options (like themes) and ACL management (e.g. for the enabled modules) should be sufficient for most applications.
Usually, it is best to use one big database. Using a combination of primary keys, foregin keys, you can easily ensure that you only display data which a user's role entitles him to.
Related
I'm currently developing an iOS app and have reached the point where I need to implement a server back-end in order to support the core functionality.The app is built in a way to store certain questions locally (Within the app) and pose the questions to the app user. I need to tweak it such that it retrieves the question from a remote server. Furthermore, the question will reside in a specific folder within the remote DB. So the app will have to fetch the questions from the appropriate folder based on user login.
I have zero server experience and am need of some advise as to where I should begin with this. I would like to know if there is a template spec for this kind of task. With a template spec, I can hire a programmer and talk intelligently. Please help!
Here is a number of solutions:
1) You can use other services that provide backend functionality with REST API (as #Niklas Hein mentioned), it calls BAAS - backend as a service, such as Parse (but Parse is closing his service in one year), BaasBox, etc.
2) You can use CloudKit. This is service created by Apple, where you can store app data in the cloud, with authorization, requests, admin panel, etc.
3) Create you own back end. Here is a large number of languages and web frameworks, so php is not the only one solution. Ruby on Rails, Python Django, NodeJS, and many others on your choice.
There are plenty of BAAS (Backend as a service) provider, like Parse or Firebase. You might want to have a look into them. (Although Parse is going to shut down.)
Another simple way is to look into PHP Laravel.
Laravel is a great Framework which makes it really easy to set up a backend.
Have a look at Laracast
I'm a php developer for my firm, and I'm kindoff stuck with this concept form Oauth.
I've been searching the web and read almost every article I could find about oAuth but still it won't get to me how to handle this situation.
I live in the Netherlands so forgive me if my writing is sometimes a little bit off.
I'm working on an application for our company. Its an online work platform, where people can sign up to to find work.
We sell our online application to companies who offer jobs and such.
So we have for every company that buys our web application an url like: http://companyname.onlinejobs.com ( for example ).
So we have backend users that can login in their application and they each have different roles and permissions.
We also have http://onlinejobs.com as a website where everybody can sign up to view job oppertunities and much more.
So we also have a frontend user, that also can have multiple roles, such as a free user and a premium user.
We've build a REST API that holds all methods to add and view jobs and profiles etc etc. We want this API to only be accesible to the clients that we register.
So if I register company1.onlinejobs.com than that in my opinion is a client, and can only use our api.
But now we want to intergrate oAuth to the situation.
We want the API to be protected from any unregistered clients, but we also want to make sure that a frontend free user, cannot access surtain api calls that a premium frontend user can make.
or is that permission based behaviour not something for oAuth?
Wich grant type that oAuth2 uses can we use for our situation?
I really need some help with this guys.. Hope somebody can give me a clear explanation about what to use best, or maybe even not at all.
We had a similar use case and we built our own authorization server that can handle the following use cases
Authentication and authorization from the
web applications
javascript enabled apps [Like SPA apps]
Native apps like windows services or windows apps
We have used the following flows in OAuth2.0
Authorization Code
Implicit flow
Resource owner credentials
Hence, the right choice of the flow needs to be decided on the types of applications that you plan to support.
HTH
I'm developing a system using Yii framework and mysql
and after finishing it i'm going to develop another one.
Those two systems should be shared with the same authentication module.
And maybe there are more systems coming up.
But I don't want to have two separate module for each project doing the authentication and authorization and I don't want to assign each user two passwords.
I'm searching for a mechanism to make the A&A process done with one external and shared system and let those two systems communicate with this system to get the rights for the current logged in user.
You need to implement SSO (Single Sign On) or to use some other method to overcome this.
Check here for a simple guide on how to implement SSO: http://merbist.com/2012/04/04/building-and-implementing-a-single-sign-on-solution/
Also check some enterprise implementations like http://www.onelogin.com/
Finally some open source implementations will probably help you like https://github.com/jasny/sso
Q: How would you create a SSO? What would you do about authentication (separate app or same as sso) and user store?
Background info:
We have 40+ php apps, java apps and
Ruby apps.
Currently, we have a custom
SSO+authentication solution. It's an
app written in php that is now used as
SSO, while supporting
email/username/phone-number + password
as authentication. It works, but was
built for a few apps only, not
originally meant to be the SSO -
solution. It doesn't have a usable view, every app create their own login/register forms and use the API. They share context and we'd like a more universal design.
Now we know want to support Oauth and
openid solutions, as facebook connect,
google and more, (or do we really?), in addition to
existing authentications. We can
expand existing php-solution, but we
are considering alternatives.
If you were to do all this in Ruby, what would you do?
Some additional info:
All users exist in SSO, today.
The company does aquire other companies/systems at times, having their own users. Would you migrate or create some kind of mapper?
Customers in a Microsoft CRM, but I consider this unrelated. Or do I?
I've shallowly looked at RubyCAS and ClassyCAS, and don't know if they are suitable. Is CAS the way to go?
Would you keep going with php? What would you use?
As you see, I have a lot of questions. What would you suggest?
I a previous job we used Jasig CAS for SSO (several apps in Java and Python). After getting over some quirks in the configuration and my dislike of all things Java, it actually worked pretty well. At the time I found the wiki to be a valuable resource, but things might have changed in the last year.
Authentication was handled via a separate app (custom) using an OpenLDAP directory that was preinitialized with a script that got user info out of an AD server.
Regarding the actual server you might actually want to use the Jasig one, IIRC it's the reference implementation and is easy to customize via a Maven overlay.
Ruby-cas FTW.
My company creates a lot of applications that have very similar functionality, with a few differences between each one. For example, some sites have a group creation feature, others have user profile pages, and yet others allow users to accumulate achievement points and such.
Our clients want users to be able to log in to each application with the same username/password, since it doesn't really make sense for the user to have to register a different account for each site.
How do we design our database? Is it better to have a single central database for all of our applications, or separate them into individual databases and do JOINs across databases? Which is better performance-wise and design-wise?
Thanks for any insight!
Just go with OpenID. Simplest to just use Facebook Connect as a provider. They let you get to all of your user's data (like name etc.) so you can identify and data mine them if need be.
If you don't want to rely on an external provider to handle your user accounts, then become your own OpenID provider.
I would have a central server, which hosts a user db and web services to access that user db.
That way you can use the same DB, and perform logins over web services to that system from your front end.
This is also scalable and can grow in complexity with your applications.
I would take the other two answers and combines them to make a private OpenId Provider.
This way you can use the standard OpenId clients for your developments, and possibly even open your applications up for external OpenId providers if you developments need them.
This gives scalability and open standards for other applications within the organisations to use the same provider.
In a general way I would develop tables that would be Master Data, they will be single version of the truth application wide. Each and every application will access the same "clients base". In your case it seems that the concept of Master Data can be applied to your applications database.
If the applications are hosted within the company you can use active directory.
You can access active directory from php with the ldap functionality. You can than add users to groups in active directory to give them access to various functionality within the application.