Zend Server Web API Spotlight: Z-Ray

Hey Everybody,

Zend Server 7.0 is released and with it an exciting new feature: Z-Ray. This new feature exposes your application’s inner workings and logic to you, its developer. To say that Z-Ray makes life easier is an understatement but there will be plenty of other blog posts to praise it and show how it can be used.

Zend Server 7.0 also releases a group of new Web API actions and some relevant bug fixes. True to form, Z-Ray uses the Zend Server Web API to implement many of its presentation features.

New Web API actions for Zend Server 7.0.0

Z-Ray required the implementation of a number of Web API actions to facilitate it. These actions are not the sole purview of Z-Ray, anyone may use them the same as any Web API action. The Web API actions break down into two groups – Data and Administrative.

Data retrieval Z-Ray Web API actions

Data in Z-Ray is collated by Request and by Page. A Page may contain within its context a few Requests. In particular, the first Request, is also the Page.

• zrayGetRequestsInfo retrieves information about requests belonging to a particular Page using its pageId. You may also pass a “last” parameter to indicate which is the last requestId that you retrieved. Using this parameter you may implement a form of list reader or ongoing polling.
• zrayGetRequestFunctions retrieves information about the functions executed as part of a particular request. This information includes performance and profiling details.
• zrayGetRequestEnvironment retrieves the contents of the request’s Superglobal arrays. This includes all superglobals in PHP. Specifically $_SESSION and $_COOKIE are sampled twice – once at the start of the request, then at the end of request. This allows you to perform comparisons and track session changes.
• zrayGetBacktrace retrieves backtrace entries for Log Entries or Database Queries. The necessary ids are supplied by the zrayGetRequestsInfo Web API action. This allows you to actually trace down the stack of calls that lead to a particular query or log entry.

Administrative Z-Ray Web API actions

Current implementation of Z-Ray allows it to be used on a production server in “secured” mode. In this state, Z-Ray is only displayed to users that add an access token to their request as a query parameter. You can manage these tokens using the UI or the following Web API actions.

• zrayListAccessTokens retrieves a list of existing tokens and their associated meta-data and restrictions.
• zrayCreateAccessToken generates a new random token. Note that tokens must carry certain limitations such as origin IP address, an expiration date and maybe a target URL.
• zrayRemoveAccessToken completely deletes a specified token.
• zrayExpireAccessToken immediately causes a selected token to expire.

Changes and fixes in Web API actions for Zend Server 7.0.0

Along with Z-Ray, Zend Server 7.0.0 got some love and affection from bug fixes. Some of those are reflected in changes to the Web API:

Versions prior to Zend Server 7.0.0 carried a serious issue in Web API authentication when using Extended Authentication. Not to worry – this is a limitation in accessibility, not a security issue. Any attempt to access Web API with a key bound to an Extended Authentication user would always fail (as secure as it gets!) due to an issue in mapping our internal roles. This issue was fixed for Zend Server 7.0.0. A patch for Zend Server 6.3 also exists and is available in Support’s knowledge base.

A limitation for SSL vhost creation was removed. Zend Server’s webservers now support multiple SSL vhosts on different hosts and on the same port.

An issue with story the “history” parameter in the auditSettings Web API action was fixed.

An issue with datacacheClear reporting incorrect results about keys was fixed.

Thank you for reading and good luck with Zend Server 7.0.0. Be sure to check out Z-Ray, it is a truly handy feature to have around your PHP scripts!

Read more : Zend Server Web API Spotlight: Z-Ray