1 Reply Latest reply on Apr 14, 2004 2:13 PM by Erik Sliman

    Jboss and Apache and PHP?

    lords_diakonos Newbie

      I have a war file that uses form based authentication against Active Directory. I am about to set Jboss up to use Apache as the web server. My question is
      Can I put php pages in the war file? I don't want people to access the php pages without having loged in first from the login form Jboss is using. I am in the process of converting most of my web apps and inter/intra net stuff to Jboss but it is alot of work and I am still new to Java.

        • 1. Re: Jboss and Apache and PHP?
          Erik Sliman Apprentice

          I can't say it's not possible, as you can now run scripts in Java. You should look at apache's Jakarta projects, as I remember one of them giving the ability to run script languages from a Java web server. I'm not sure if you could extend this to run PHP. Even if you do, how would PHP access the session information? You'd probably end up creating a servlet wrapper for your PHP so it could supply this info.

          Other than that, though, I'd say typically the answer to your question is no. PHP is configured in Apache. The way you configure JK is you tell Apache to forward requests that match a pattern to Tomcat. I've never heard of Tomcat being able to handle PHP, except possibly through the theoretical method I mentioned in the first paragraph.

          I've thought a lot about this problem. You can have Apache forward only requests that match *.jsp or /servlet/*, but then what about images and other things that could feasibly be in both Apache and your war? For the time being, I've resorted to putting everything in the war, because I don't want a war to have to depend on external images, html, or any other type of file.

          There is one work around, though. You could create separate virtual hosts, and have one forward to Tomcat, while another accesses a local repository. You might use a different subdomain. You can setup each virtual host's JK forwarding differently. If I need infrastructure outside J2EE, such as PHP, this is what I do.

          But, let's say you have php.mydomain.com setup for your php applications, and www.mydomain.com setup for Tomcat. The problem in your case is still session management. Since J2EE handle's user session manangement internally, how can your PHP content running through Apache possibly share the same session information?

          I do plan to solve this sometime down the road with JoshuaBranch AS (JB-AS), which uses tokenized user access. Eventually, I'll have SSO completely integrated in it, which can be shared across any server using JB-AS. Then, I'll have client interfaces for PHP, among other languages. This will permit J2EE, PHP, Python, Perl, and even .NET to share a user's session across all servers in an enterprise. This is down the road, though.

          Today, JB-AS has a client interface for any J2EE container (JBoss, WebSphere, etc,...), and can secure both the Web and EJB modules They can all share the same live data, so you can centrally manage your application security for all your J2EE applications on all your servers. However, the current API doesn't offer applications the ability to share a user session (SSO), and the API for non-J2EE clients isn't available, yet. Since, the security is centralized and tokenized, though, most of the development to enable these features is in the API.

          Let me know how you end up solving your PHP problem. If I can help answer any questions you have, feel free to ask.