Hi list,
Here's what I'm trying to do.
I have an external login handling service written in PHP with which I
need to interface from Restlet. This system works by setting a $_SERVER
variable (in PHP) after a user is successfully authenticated. What I
need is to read this value from Restlet.
This doesn't seem very simple. PHP in this case is running under an
Apache web server, which handles these global values. I would, then,
need a way to access these Apache values. However, Restlet does not
currently feature an Apache connector.
Does someone have a solution?
Some ideas I've come up with, and discarded:
1. Using the Restlet Jetty connector, and the connecting Jetty to
Apache. Unfortunately, it is not clear to me via the Jetty documentation
that Jetty has access to Apache variables in such a connection. It also
seems like an overly complex solution!
2. Similar to above: running PHP directly from Jetty. Again, I'm not
clear that Jetty provides server variables in the same way that Apache
does for PHP. Also, I'm not sure that this is possible in my
organization... I don't think the security folk would agree to have
their authentication module running on a different server.
3. Writing a simple PHP page that does the authentication, and write a
cookie upon success. However, I don't think that I'd be able to read
this cookie from Restlet. See, the Apache/PHP server runs on standard
port 80, while my Restlet server is on port 8080 (on the same host). As
far as I know, having two servers on different ports, even if they are
on the same hosts, means that I can't share cookies between them. Or is
there a trick I don't know of?
4. As above, except that rather than writing a cookie, I'd write to a
file, which would include an identifier for the client. The problem is
designing some kind of scheme by which the client could be correctly
(and securely) matched with Restlet.
5. Another idea... I was thinking of having the PHP page run a simple
HTTP client (in PHP) that would connect to a special restlet resource
and POST the client. The tricky part is that the client in this case
would be the host machine, not the actual client... so I would need some
way to translate the cookie generated in the Restlet resource to a new
in PHP. I'm not a PHP wizz, so this seems a bit complex to me, but it
might end up being the most transparent solution in case you guys can't
suggest anything better.
Also, assuming I do manage a connection between Restlet and Apache, I
haven't found anything in the Restlet API documentation about reading
server global variables. Does such a thing even exist?
Help!
