PHP客户端和.Net服务器之间的身份验证[关闭]

PHP客户端和.Net服务器之间的身份验证[关闭]

问题描述:

I intent on creating a PHP application that regularly calls into an ASP.Net website to check for updates and then make another call to download updates).

  • I will be using SSL for transport security.
  • The clients need to be PHP as they run other bespoke bash commands.
  • I will need to download data and I've not decided what form.

Can anyone please suggest for my .net application:

  • How to restrict access to the server (I won't know incoming request IP's)?
  • The best structured data transport mechanism? maybe I could use JSON?

nb. if I can create a web service that PHP could consume that's even better!

我打算创建一个PHP应用程序,定期调用ASP.Net网站来检查更新然后再创建另一个 打电话下载更新。 p>

  • 我将使用SSL进行传输安全。 li>
  • 客户端需要使用PHP才能运行其他服务器 bespoke bash命令。 li>
  • 我需要下载数据而我还没决定使用什么表格。 li> ul>

    任何人都可以建议 我的.net应用程序: p>

    • 如何限制对服务器的访问(我不知道传入的请求IP)? li>
    • 最好的 结构化数据传输机制? 也许我可以使用JSON? li> ul>

      nb。 如果我可以创建一个PHP可以使用的Web服务,那就更好了! p> div>

Using JSON is definitively a good idea. It's less verbose than xml and fit particularly well with object oriented programming.

For your authentication issue, you could pass over each request an authentication token (a random string) that only your web service and your PHP code will know. This is safe since SSL will encrypt the request and your auth token will never be "clear" on the network.