Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Authentication forwarden to another IIS server.

Posted on 2003-11-20
9
Medium Priority
?
190 Views
Last Modified: 2010-04-20
Hello, I've got an Apache Webserver where people are authenticated with PHP, MYSql. When a user is valid it can download files from another public IIS server. Access is denied when authentication is not valid on webserver 1.

I want people to download directly from the second server, because of the traffic.  In short, I grant people access to a server when they're authenticated on another.

Has anybody some suggestions how I could achieve this? Im prettty familiar with Apache, PHP, MySQL and stuff, but  I'm not so familiar with IIS.

Thanks for any help or suggestions.
0
Comment
Question by:Tommienbp
  • 4
  • 3
7 Comments
 
LVL 9

Expert Comment

by:fz2hqs
ID: 9786884
Sounds pretty bespoke so suspect there is nothing off the shelf. An idea:

Have all downloads go through some sort of asp / php page that page should do some negotiating with the apache server. Maybe your apache server would serve the link

http://iisserver.com/download.asp?userid=MYUSERID?file=MYFILE.DAT?IP=123.123.123.123

maybe some other parameters, you use the userid and ip to make a request to some sort of webservice on the Apache box - or better still directly to the MySQL database to confirm the bits are correct, then and only then you serve the data file. The ideal way of doing this on IIS is via an ISAPI  DLL however you will need to know something like C, VB or Delphi
0
 

Author Comment

by:Tommienbp
ID: 9786913
Hey fz2hqs thanks for your reply, but I think that would be too complicated.

Is there a way I could grant just one IP (the one of the apache server) access to the IIS Server? Then it would be easy. I could PHP get the files to the apache server and put them there somewhere for the authenticated user.

Only problem is the traffic for the apache server. I'd rather have them downloaded directly from the IIS Server.
0
 
LVL 9

Expert Comment

by:fz2hqs
ID: 9786956
You say it yourself that you are stuck in a catch 22 scenario. On one hand you want PHP on the apache server to manage everything, but you want to avoid the overhead of it being served.

A sanity check - Step back though and look at this another way, you are clearly worried about the Apache server gettin processor or memory bound which is why you are offloading this. This overhead really isn't that great, if you are worried about bandwidth then stop - it makes no odds what server it comes from, doubtless both have 10/100Mbps cards and are going to be bound by the restriction of the size of your link

0
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

 

Author Comment

by:Tommienbp
ID: 9787151
It is more the extra costs of more bandwidth at my provider.
0
 
LVL 9

Expert Comment

by:fz2hqs
ID: 9787412
Then it makes no difference which server it comes from surely?
0
 

Author Comment

by:Tommienbp
ID: 9787500
Well, the other one is not mine. :) (p.s. I'm dutch ;) )
0
 
LVL 9

Accepted Solution

by:
fz2hqs earned 500 total points
ID: 9787888
I see - I assumed the two servers where physically in the same place.

Bar some clever coding I can not see a quick win for you. You could download or buy a cheap ISAPI filter that you can put on teh IIS Server that will make URL's unguessable i.e.

http://www.server.com/downloads/applications/client/install.exe
..might translate to..
http://www.server.com/asdjo893yh2h3ukh8ehfwa

It is not the exact solution you want, but will offer some amount of protection
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A web service (http://en.wikipedia.org/wiki/Web_service) is a software related technology that facilitates machine-to-machine interaction over a network. This article helps beginners in creating and consuming a web service using the ColdFusion Ma…
Periodically we have to update or add SSL certificates for customers. Depending upon your hosting plan you may be responsible for the installation and/or key generation. In the wake of Heartbleed many sites were forced to re-key. We will concen…
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question