我有一个网络应用程序,用户可以在其中创建他们的帐户并使用该服务。现在,我想给他们一个自定义域设施,一旦他设置了自定义域,app.customer1web.com 使用用户 ID customer1 指向 myservice.com,因为世界看起来我的服务正在他的机器上运行。博客、wp.com、tumblr 等许多服务都提供了此功能。
我怎么做?我正在使用 java 编写我的网络应用程序。请求进来时如何将域名映射到用户ID?
问问题
3482 次
4 回答
19
请求进来时如何将域名映射到用户ID?
显然,您必须将这些信息存储在某个地方,很可能是在数据库中。
添加一个
domains包含列的数据库表:- 客户ID
- 姓名
- 活动(1 或 NULL)
- 挑战
为 (name, active) 添加唯一键,以确保域名仅映射一次。
当客户尝试添加域时,添加一个带有 active=NULL 的行并将挑战设置为随机字符串。
Show the random string to the customer and ask them to put up a web page with it on the site or create a dummy DNS record with it to verify domain ownership (this is how Google Apps do it).
You could verify ownership by sending an email to the administrative contact or in some other way.
When the customer says he did what you instructed them to do in step #2, verify it and set active=1, challenge=NULL.
If the domain was previously active for some other customer, delete those records or set active=0.
Ask the customer to add a CNAME record for their domain and forward it to your domain, e.g.
hosted.myservice.com(Google usesghs.google.comfor Google Apps).When a request comes in, do
SELECT customerId FROM domains WHERE name=:requestDomain AND active=1
A better way may be to automatically offer your customers a domain in the format of <customername>.myservice.com, in addition to custom domains. This gives you two benefits:
Customers who don't wan't to use their own domain can still customize their login page, e.g. with a company logo.
For custom domains, you can ask your customer to forward them to
<customername>.myservice.cominstead of to a generichosted.myservice.com.This enables you to horizontally partition customers among multiple servers without having to ask customers to change anything on their end. For example, you could give customers an option to choose whether they want their account hosted in EU or US. When they change it, just transfer their data and update
<customername>.myservice.com. Their custom domain will work automatically.
To do this, you'd have to set up a wildcard DNS record for *.myservice.com (unless you also need the latter feature, in which case you'll have to manage individual records).
于 2009-12-13T11:25:38.263 回答
2
您可以使用的一种解决方案是为您的应用程序设置通配符 DNS 记录,并让应用程序本身检查 RequestURI 以查看用户进入的主机名。
我知道这是一个非常模糊的答案,但听起来像是设置了通配符记录,使用单个函数检查主机名是你最好的选择。这样,您不必在每次客户注册时都设置 DNS 记录,而且您有更多时间自己做其他事情……比如为您的应用程序添加新功能!
于 2009-12-11T18:42:15.163 回答
0
我不太确定我是否真的了解您想做什么,但我尝试为您提供一个可能的解决方案(至少对于您问题的 Java 部分)。
一种可能性是设置应用程序服务器,使每个请求都由一个 Servlet (web.xml) 处理。这个 servlet 可以找到请求 url ( HttpServletRequest.getRequestURI ) 并提取用户名。然后,您了解用户并可以将此信息用于您想做的任何事情。
请注意,您想做的事情涉及很多 DNS 内容!(至少和我理解的一样。)
于 2009-12-10T14:31:12.757 回答
0
@jaka's answer is well explained. To add more on to it, If you're using ngnix as a LB, it can forward the original hostname using the below configuration.
proxy_set_header Host $host;
If you're using express (nodejs), you can read hostname(cname) from the request headers. You can do your authorization checks with cname and user cookies.
For the certificate you can go with *.example.com (wildcard).
于 2021-06-14T07:52:45.067 回答