I am creating a web service using php's \[code\]SoapServer\[/code\] built-in class. I have run some basic tests and it seems to be working fine, but now I need to limit who can use the service.Assuming that only other scripts on the same server are trying to consume my service, and that they would do this server-side (as opposed to with AJAX or similar means), does my service have any means of identifying the owner of the requester?I could limit access the service to only requests coming from a specific origin, but this seems either very strict or very unreliable, depending on if I allow access to any script in a directory vs. only specific scripts.I'm just not clear if I can limit access by the user on the server since the user that the original requesting script will be www.
How to tell who is calling web service (PHP on Apache)
- Thread starter bobbylime
- Start date