Lucian Depold
Reputation: 2017
Soap Authentication using Session IDs
I am building an API using Zend Soap and there has to be some sort of authentication to actually use the API. Also I don't want the user credentials to be sent over the net each time a request is done.
Is it ok to do an post-authentication by using sessionids & something like this:
- User authenticates himself once via SOAP and gets his serverside session id in return.
- After that the User has to send his sessionid within the SOAP Header each time he requests something.
- When I get an header containing a sessionid, I check the id against my sessionid_db and perform the request if everything seems alright.
Upvotes: 0
Views: 788
Answers (1)
Related Questions
- PHP - SOAP API authentication
- How i can get sessionid from this SOAPXML
- PHP Soap Server without Soap Client
- SOAP authentication with PHP WSDL
- Custom authentication via SOAP webservice using ZF2
- PHP Soap MustUnderstand
- Adding authentication functionality to soap server (Using Zend)?
- SOAP Authorization
- how to use session ids for authentication purpose
- SOAP Authentication