Solved

Communication between to different web applications/domains

Posted on 2013-05-31
8
491 Views
Last Modified: 2013-11-19
I’m looking for a solution that allows communication between two different web applications.
I’ve been thinking about Web Service already, but I’m not certain if that is the right approach.
Here’s what I need to do:
-      Communicate/request information from a remote web application
-      Retrieve and process the response serverside (invisibel for the user)
-      Output the result on my web application or reqeust again from the remote web application.

All this needs to be done via web browser.

Could you please point me in the right direction.
Thanks in advance.
0
Comment
Question by:mssky
8 Comments
 
LVL 6

Expert Comment

by:Robert Saylor
ID: 39210408
You will run into issues with sessions because sessions are stored on the 1 domain only. You could pass parameters to the remote website but the best way is to store data in a database and then encrypt your parameters to the remote website having the remote web site decrypt the parameters to retrieve the data from a database that is setup to accept remote connections.
0
 
LVL 20

Accepted Solution

by:
Mark Brady earned 500 total points
ID: 39210416
You can easily communicate between two domains. Api communication is used every day by websites. Most major sites have public api systems that allow you to make requests from them and give you back the info you require.

All you would need to do is build the communication api's on the receiving server and you make ajax requests on the requesting server. Keep in mind if this will not be publicly available information then you would want to build a token service so only your site can login to the main site to ask for information.

One such site that does this is appnexus.com (a big ad server). They have an api service but first your script makes a request to login using a username/password combination. If that passes the test the main server will generate a token of some sort and send it back to the requester. That token is valid for whatever time period you want but I think usually about 2 hours.

You store that token in a cookie or in memcache if you use that php service.

Each request you make must have that token go along with the parameters or you will get a permission denied response.

This could all be done fairly easily if you are only wanting basic information. If you want more advance stuff then a bit of planning needs to go into it.

I like the command system I built a year ago. That's where you have a standard command file which accepts a specific command (like for example:  user.profile.get)  and the command system will instantiate the user class and go to the method requested - in this case profile_get()

Very easy to use and it saves repeating a lot of code as your system expands.

Anyway I hope that has helped a little bit.
0
 
LVL 20

Expert Comment

by:Mark Brady
ID: 39210430
@ rsaylor  
I use database session handling for that sort of thing. I was going to use php database session handling but it was to restrictive/limited for my needs so I built my own session handler.

Basically instead of doing a session_start()  you instantiate the session class (which I built).

The constructor looks for a session cookie with a certain name and if it finds it it loads the cookie data which is an id of that session. Then it loads all the session variables from the database with that session id into an object or an array which you make global to your private/public functions in the class.

Each session has an expiry time and when a request is made for any session, it checks the expiry time and if it has expired it is deleted along with any session data records.
0
 
LVL 6

Expert Comment

by:Robert Saylor
ID: 39210462
Nice send the code if you don't mind. That could be really handy.
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 108

Expert Comment

by:Ray Paseur
ID: 39210468
In case anyone suggests that you use SOAP, run (don't walk) for the exits.  The web is littered with the rotting and dessicated carcasses of failed SOAP projects, and it is now almost universally avoided in favor of simpler and more intuitive web service protocols.  A RESTful web service is probably the right way to go.  REST uses the design of the WWW.  Requests are atomic, complete and stateless; responses are complete and usually instantaneous.  Please read this article for some background on the client/server model.
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/A_11271-Understanding-Client-Server-Protocols-and-Web-Applications.html

The code snippet shows the "hello world" exercise for a RESTful web service.  Because it is an information-only service, it uses the GET method for requests and it can be tested from the web browser address bar.  This makes the process of modifying and debugging amazingly quick and easy.  You can experiment with it on my server via this URL.
http://www.laprbass.com/RAY_REST_get_last_name.php?key=ABC&resp=&name=COBOL

<?php // RAY_REST_get_last_name.php
error_reporting(E_ALL);


// DEMONSTRATE HOW A RESTFUL WEB SERVICE WORKS
// INPUT FIRST NAME, OUTPUT FAMILY NAME
// CALLING EXAMPLE:
// file_get_contents('http://laprbass.com/RAY_REST_get_last_name.php?key=ABC&resp=XML&name=Ray');


// OUR DATA MODEL CONTAINS ALL THE ANSWERS - THIS COULD BE A DATA BASE - AS SIMPLE OR COMPLEX AS NEEDED
$dataModel
= array
( 'Brian'   => 'Portlock'
, 'Ray'     => 'Paseur'
, 'COBOL'   => 'Dinosaur'
, 'Dave'    => 'Baldwin'
)
;


// RESPONSE CAN BE PLAIN TEXT OR XML FORMAT
$alpha = NULL;
$omega = NULL;

// NORMALIZE AND TEST THE "resp=" ARGUMENT
if ( (isset($_GET["resp"])) && (strtoupper(trim($_GET["resp"])) == 'XML') )
{
    // PREPARE THE XML WRAPPER
    $alpha = '<?xml version="1.0" encoding="utf-8" ?>' . PHP_EOL . '<response>' . PHP_EOL;
    $omega = PHP_EOL . '</response>';
}


// TEST THE 'API KEY' - THIS COULD BE A DATA BASE VALIDATION LOOKUP - AS SIMPLE OR COMPLEX AS NEEDED
$key = (!empty($_GET["key"])) ? $_GET["key"] : FALSE;
if ($key !== 'ABC')
{
    echo $alpha . 'BOGUS API KEY' . $omega;
    die();
}


// LOOKUP THE FAMILY NAME
$name = (!empty($_GET["name"])) ? $_GET["name"] : 'UNKNOWN';

// IF THE NAME FROM THE URL IS FOUND IN THE DATA MODEL
if (array_key_exists($name, $dataModel))
{
    // RETURNS THE APPROPRIATE FAMILY NAME FROM THE DATA MODEL
    die( $alpha . $dataModel[$name] . $omega );
}


// RETURNS THE UNKNOWN NAME INDICATOR
else
{
    die( $alpha . "UNKNOWN: $name" . $omega );
}

Open in new window

Best regards, ~Ray
0
 
LVL 20

Expert Comment

by:Mark Brady
ID: 39211391
Actually I can post it as I wrote it for my company and that would cost me my job unfortunately. However the basic principles are quite straight forward to implement.
0
 

Author Comment

by:mssky
ID: 39218273
Thanks to all for you prompt replay.
0
 
LVL 20

Expert Comment

by:Mark Brady
ID: 39218744
B grade?  Nice.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

I've been asked to discuss some of the UX activities that I'm using with my team. Here I will share some details about how we approach UX projects.
"In order to have an organized way for empathy mapping, we rely on a psychological model and trying to model it in a simple way, so we will split the board to three section for each persona and a scenario and try to see what those personas would Do,…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now