Re: [PHP] PHP Java extension--hopeless?
On Wed, 2003-11-26 at 20:17, Raditha Dissanayake wrote: > >Right, I agree this is a very bassakwards way of going about it.. In this > >instance, performance is not really an issue as much as politics.. but > >this comment is useful as we may be able to persuade them into providing > >information about the algorithm in use, to develop something more usable. > >We are the small fish, and the big fish provides this service.. it's > >politically beneficial to us if we could get it running in the short term, > >but it appears that the Java extension really isn't ready for prime time.. > > > >Fortunately I've made contact with the guy who developed the Java code, > >and he has a vested interest in getting it to work with PHP too, so maybe > >in the longer term we can find a better solution... > > > > > > Suggestion: ask your java developer to create JSP that uses the decoder > bean. Host on the LAN. Post the encrypted data to it and recieve the > decrypted response. This would be pathetic in terms of performance but > you don't appear to be concerned about it. You would obviously want to > do this over HTTPS instead of plain old HTTP Or a servlet filter is fine in this situation that redirects to the auth-website if cookie is not set or redirects to the associated php page. -- Ray -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Java extension--hopeless?
Right, I agree this is a very bassakwards way of going about it.. In this instance, performance is not really an issue as much as politics.. but this comment is useful as we may be able to persuade them into providing information about the algorithm in use, to develop something more usable. We are the small fish, and the big fish provides this service.. it's politically beneficial to us if we could get it running in the short term, but it appears that the Java extension really isn't ready for prime time.. Fortunately I've made contact with the guy who developed the Java code, and he has a vested interest in getting it to work with PHP too, so maybe in the longer term we can find a better solution... Suggestion: ask your java developer to create JSP that uses the decoder bean. Host on the LAN. Post the encrypted data to it and recieve the decrypted response. This would be pathetic in terms of performance but you don't appear to be concerned about it. You would obviously want to do this over HTTPS instead of plain old HTTP best regards -- Raditha Dissanayake. http://www.radinks.com/sftp/ | http://www.raditha.com/megaupload Lean and mean Secure FTP applet with | Mega Upload - PHP file uploader Graphical User Inteface. Just 150 KB | with progress bar. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Java extension--hopeless?
On Wed, 26 Nov 2003, Rasmus Lerdorf wrote: > On Wed, 26 Nov 2003, Kelly Hallman wrote: > > I am aware that the PHP documentation says that the Java extension is > > experimental. I am also aware that people say the ISAPI version does not > > work well and that running PHP as a CGI should give better results. We've > > tried, and so far it doesn't seem to be more reliable. > > Not sure how ISAPI has anything to do with Apache on Redhat here. But I > guess you are just making two disjointed comments. Yes, the statements were not connected, I just wanted to pre-empt a bunch of responses stating things I'd already read or already tried. > > Oddly, it does work most of the time. However, maybe 3/10 times or so it > > gives an error. When using the Java extension with PHP running as ISAPI, > > PHP gives the error "Unable to create Java Virtual Machine" .. when > > running as a CGI I get that or one of several different errors--again, > > only part of the time. That is, when an error does appear, refreshing the > > page once or twice will usually bring up the correct output. > > Ok, maybe not. So which is it? There is no ISAPI for Linux. ISAPI is probably not what I meant; I meant apache module version vs. CGI version. I have tried them both, and both give similar results. Sorry, I was talking to someone today who was referring to the apache module version as ISAPI.. I really have no idea what ISAPI exactly is (based on what you've said I'm guessing it's an IIS API), or if 'apache module version' is the correct terminology either... Sorry! :) > Having to run a Java emulator just to decode a cookie sounds absolutely > nuts to me. Can you not get the algorithm for decrypting this cookie > and write it in C? That's how everyone else achieves portability. Right, I agree this is a very bassakwards way of going about it.. In this instance, performance is not really an issue as much as politics.. but this comment is useful as we may be able to persuade them into providing information about the algorithm in use, to develop something more usable. We are the small fish, and the big fish provides this service.. it's politically beneficial to us if we could get it running in the short term, but it appears that the Java extension really isn't ready for prime time.. Fortunately I've made contact with the guy who developed the Java code, and he has a vested interest in getting it to work with PHP too, so maybe in the longer term we can find a better solution... > The demand has been very low and volunteers to improve it are hard to > find. If someone steps up to do it, it will improve. That is what I expected to hear. I didn't expect any magic bullet answer, I am just looking for comments like the ones you gave--so I have some substantiation if the answer ends up being we can't get it to go. Thanks!! -- Kelly Hallman // Ultrafancy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] PHP Java extension--hopeless?
On Wed, 26 Nov 2003, Kelly Hallman wrote: > I am trying to find help or information on running the Java extension with > PHP under Apache on Redhat Linux using a Sun JVM. > > I am aware that the PHP documentation says that the Java extension is > experimental. I am also aware that people say the ISAPI version does not > work well and that running PHP as a CGI should give better results. We've > tried, and so far it doesn't seem to be more reliable. Not sure how ISAPI has anything to do with Apache on Redhat here. But I guess you are just making two disjointed comments. > Oddly, it does work most of the time. However, maybe 3/10 times or so it > gives an error. When using the Java extension with PHP running as ISAPI, > PHP gives the error "Unable to create Java Virtual Machine" .. when > running as a CGI I get that or one of several different errors--again, > only part of the time. That is, when an error does appear, refreshing the > page once or twice will usually bring up the correct output. Ok, maybe not. So which is it? There is no ISAPI for Linux. > At first, I was frustrated that the cookie decrypter was only available in > Java.. However, after a while I began to see why they chose to do it this > way: so that you could decrypt the cookie from various languages and > platforms, but they only needed to maintain one code base. Having to run a Java emulator just to decode a cookie sounds absolutely nuts to me. Can you not get the algorithm for decrypting this cookie and simply write it in C? That's how everyone else achieves code portability. > Now, I'm just frustrated that PHP doesn't work very well with Java. > Myself and several others have looked extensively for the answer to this > and we've tried all the viable remedies that have been suggested. Does > anyone have any suggestions? Also, can it be confirmed or denied that > Java support will eventually be dropped from PHP? Plans to improve it? The demand has been very low and volunteers to improve it are hard to find. If someone steps up to do it, it will improve. -Rasmus -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] PHP Java extension--hopeless?
I am trying to find help or information on running the Java extension with PHP under Apache on Redhat Linux using a Sun JVM. I am aware that the PHP documentation says that the Java extension is experimental. I am also aware that people say the ISAPI version does not work well and that running PHP as a CGI should give better results. We've tried, and so far it doesn't seem to be more reliable. Oddly, it does work most of the time. However, maybe 3/10 times or so it gives an error. When using the Java extension with PHP running as ISAPI, PHP gives the error "Unable to create Java Virtual Machine" .. when running as a CGI I get that or one of several different errors--again, only part of the time. That is, when an error does appear, refreshing the page once or twice will usually bring up the correct output. A bit more background: The company I work for has a single sign-in system for web access. You check for a cookie and redirect to another site if the cookie is not set. That site authenticates the user via a web-based login, sets the cookie, and redirects back to your site. Your site then reads the cookie and decrypts it using a Java object. At first, I was frustrated that the cookie decrypter was only available in Java.. However, after a while I began to see why they chose to do it this way: so that you could decrypt the cookie from various languages and platforms, but they only needed to maintain one code base. Now, I'm just frustrated that PHP doesn't work very well with Java. Myself and several others have looked extensively for the answer to this and we've tried all the viable remedies that have been suggested. Does anyone have any suggestions? Also, can it be confirmed or denied that Java support will eventually be dropped from PHP? Plans to improve it? Thanks in advance for any help or pointers!! -- Kelly Hallman // Ultrafancy -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
