Authentication methods for Zend Framework XML-RPC server

Question

I have a Zend Framework application whose sole purpose is to serve as an XmlRpc / JSONRPC server.

I've mostly followed the philosophy from this guide for my implementation method. I overrode my Bootstrap's run() method to run a Zend_XmlRpc_Server object and attach the API classes to it.

I want to authenticate any XML-RPC method that gets ran with an "API key" I have stored in a database table. If I had a traditional MVC ZF setup, I would use a controller plugin to automatically take care of the authentication, but I don't have that option. My only solution right now is manually insert code into each API method to check for authentication.

Any thoughts on a more pragmatic way to solve this issue? I'd prefer not to have a bunch of repeated code at the top of every method.

Answer 1

several ways to solve the q

1. easiest create in Bootstrap Reqest Object manually and check headers

   protected function _initModifiedFrontController()
   {
       $this->bootstrap('FrontController');
       $front = $this->getResource('FrontController');
   
   
   $request = new Zend_Controller_Request_Http();
   
   
   $response = new Zend_Controller_Response_Http();
   $response->setHeader('Content-Type','text/html; charset=UTF-8', true);
   $front->setResponse($response);
   $front->setRequest($request);
   
   
   if ($request->isXmlHttpRequest()) {
       $authAdapter = new Zend_Auth_Adapter_DbTable(
           $dbAdapter,
           'users',
           'username',
           'password'
       );
   
   
       // ...or configure the instance with setter methods
       $authAdapter = new Zend_Auth_Adapter_DbTable($dbAdapter);
   
   
       $authAdapter
           ->setTableName('users')
           ->setIdentityColumn('username')
           ->setCredentialColumn('password')
       ;
   
   
   }
   
   
   }
   

Read manual Zend_Auth. this is a "zend way".

or u can write custom AuthAdaper.it's easy :)

UPDATE 1:

Read this carefully