通过 HTTP 基本身份验证访问 Web 服务的代理

发布于 2025-01-07 04:45:00 字数 864 浏览 0 评论 0原文

我的组织已订阅名为 Language Grid 的语言 Web 服务基础设施，该基础设施使用服务的基本访问身份验证调用。我们聘请了一名承包商使用这些语言服务为我们开发应用程序。问题是我们不想向承包商提供访问服务网格的用户名和密码，并且我们希望监视（记录）访问。

因此，我们正在考虑为 Web 服务请求创建一个“代理”，以便承包商可以进行如下图所示的测试：

“在此处输入图像描述”

我认为最简单的方法之一是要求承包商通过位于我们服务器上的脚本（PHP 或其他脚本）提出请求，并将此请求转发到服务网格。这样的脚本可能看起来像这样：

$auth = base64_encode("$user:$pass");
$url = $_POST['url']

$request = new HTTPRequest($url, HTTP_METH_POST);
$request->setPostFields($_POST)
$request->send();
$response = $request->getResponseBody();
echo $response;

有没有更好、更安全的方法来做到这一点？例如使用 Apache 代理 mod 功能？

原文

My organisation has subscribed to a language web service infrastructure called the Language Grid which uses basic access authentication for the service invocation. We hired a contractor to develop an application for us using these language services. The problem is that we do not want to give the username and password to access the service grid to the contractor and we want to monitor (log) the access.

Hence we were thinking of creating a "proxy" for the web service requests so that the contractor can make tests as depicted in the following figure:

enter image description here

I was thinking that one of the simplest ways to do this was to ask the contractor to make his requests via a script (PHP or other) located on our server and to relay this request to the service grid. Such a script could look like that:

$auth = base64_encode("$user:$pass");
$url = $_POST['url']

$request = new HTTPRequest($url, HTTP_METH_POST);
$request->setPostFields($_POST)
$request->send();
$response = $request->getResponseBody();
echo $response;

Is there a better and more secure way to do this? For example by using Apache proxy mod functionalities?

分享到QQ

分享到微博