Hi there,

I have found an interesting Bug. I have recently deployed my Yii 1.1.6 web app to Amazon Webservices - using Amazon's Opworks - which allows you to create a stack for your application - and spin up several instances of your Yii App for scalability.

A strange thing happens however, when I try to use their Load Balancer.
After pointing my domain to the loadbalancer, my app starts spitting out the following error:

Fatal error: Uncaught exception 'CHttpException' with message 'Unauthorized' in /srv/www/myapp/releases/20150725045718/protected/extensions/starship/RestfullYii/filters/ERestFilter.php on line 81

When I look at that line in the code, it is a switch statement

switch ($controller->emitRest(ERestEvent::REQ_AUTH_TYPE, $application_id)) {
case ERestEventListenerRegistry::REQ_TYPE_CORS:
$authorized = $controller->emitRest(
ERestEvent::REQ_AUTH_CORS,
[$controller->emitRest(ERestEvent::REQ_CORS_ACCESS_CONTROL_ALLOW_ORIGIN)]
);
break;
case ERestEventListenerRegistry::REQ_TYPE_USERPASS:
$authorized = ($controller->emitRest(ERestEvent::REQ_AUTH_USER, [
$application_id,
$controller->emitRest(ERestEvent::REQ_AUTH_USERNAME),
$controller->emitRest(ERestEvent::REQ_AUTH_PASSWORD),
]));
break;
case ERestEventListenerRegistry::REQ_TYPE_AJAX:
$authorized = ($controller->emitRest(ERestEvent::REQ_AUTH_AJAX_USER));
break;
default:
$authorized = false;
break;
}

Does anyone have an idea why this is happening?

Hi there,
I may be closer to understanding what is going wrong...
as mentioned,
I have recently deployed a Yii1.1.x app to a PHP Layer using Amazon OpWorks.
I have spun up two separate PHP instances running Yii, both pointing to an RDS.
All incoming requests go through a load balancer, which directs the traffic either to my two instances (app1, or app2).
I am finding however that after a user logs into my app, if an ajax requests gets routed to the other instance,
my RestfulYii is saying that the request is Unauthorized.

• and the load balancer is sending them here and there - ie: some to app3, and some to app6 - BUT - since the user has logged into app3, a session hasn't been created for app6 yet - so the user returns an "unauthorized" message -

I am wondering - how to do get your different app servers aware of when a user has logged into one of them? Anyhow have experience with this?

the problem is your session where u logined does not get accepted on the other servers
in the Yii board there are enough topics about it, restfullyii has probably nothing to do with it though