For my sins, I am in charge of developing a service for providing data to both our internal systems running .net apps as well as external systems running php. For the sake of future proofing, I want to ensure it is callable from ruby as well.

对于我的罪过,我负责开发一项服务,为运行.net应用程序的内部系统以及运行php的外部系统提供数据。为了将来打样,我想确保它也可以从ruby中调用。

My service will perform authentication and look up account details from a central user repository. So go to our php web front end, enter username/password and the php app calls my thing. Internally, it will be wcf over local tcp/ip, externally, webservice, possibly ws-security.

我的服务将执行身份验证并从*用户存储库中查找帐户详细信息。所以去我们的php web前端,输入用户名/密码,php应用程序调用我的东西。在内部,它将是wcf over local tcp / ip,external,webservice,可能是ws-security。

Obviously, we want to ensure this thing is only called by trusted callers. My initial inclination is to insist on some client certificate mechanism, but as I am a complete n00b outside of the .net world, I need some advice.

显然,我们希望确保这个东西只能由可信赖的呼叫者调用。我最初的倾向是坚持一些客户端证书机制,但由于我是.net世界之外的完整n00b,我需要一些建议。

Do current php/ruby implementations of web service calls support caller client certs? I'm going to go ahead and assume the php/ruby callers run on some standard, modern version of linux. What are the pitfalls to watch out for? The last thing I want is to build this awesome thing, have our .net callers work fine and then need to rebuild it/kludge something together to get it working for our php callers.

当前的Web服务调用的php / ruby​​实现是否支持调用者客户端证书?我将继续并假设php / ruby​​调用者在一些标准的现代版本的linux上运行。有什么值得注意的缺陷?我想要的最后一件事就是构建这个令人敬畏的东西,让我们的.net调用者正常工作,然后需要重建它/ kludge一起来让它为我们的php调用者工作。

Any advice is appreciated.

任何建议表示赞赏。

1 个解决方案

#1

---