Search Results

Search found 5597 results on 224 pages for 'restful architecture'.

Page 60/224 | < Previous Page | 56 57 58 59 60 61 62 63 64 65 66 67  | Next Page >

  • Restlets with Google App Engine, Java Server Pages, (JSP's), and Shiro authentication

    - by DutrowLLC
    I'm having difficulty integrating Restlets into my project. I'm using google app engine (GAE) and I also have some java server pages (JSPs) set up. The JSP's never seem to work at the same time as the Restlets, should I only be using one or the other in GAE? I'm also using Shiro (formerly Ki, formerly JSecurity) and I have been unable to get Restlets to work with Shiro's filter for authentication. Are there any issues in particular that I should be aware of? What are other people using to secure restlet apps on GAE? Is Shiro overkill if I just need authentication and some role-based authorization? Thanks so much! Chris

    Read the article

  • Inject a EJB into JAX-RS (RESTfull service)

    - by Zeck
    Hi guys, I'm trying to inject Stateless EJB into my JAX-RS webservice via Annotations. Unfortunately the ejb is just null and I get a NullPointerException when I try to use it. @Path("book") public class BookResource { @EJB private BookEJB bookEJB; public BookResource() { } @GET @Produces("application/xml") @Path("/{bookId}") public Book getBookById(@PathParam("bookId") Integer id) { return bookEJB.findById(id); } } What am I wrong doing? Here are some informations about my machine: Glassfish 3.1 Netbeans 6.9 RC 2 Java EE 6 Can you guys put some working example? And thank you for every advises and examples?

    Read the article

  • What is the best way to extend restful_authentication/AuthLogic to support lazy logins by an anonymo

    - by Kevin Elliott
    I'm building an iPhone application that talks to a Ruby on Rails backend. The Ruby on Rails application will also service web users. The restful_authentication plugin is an excellent way to provide quick and customizable user authentication. However, I would like users of the iPhone application to have an account created automatically by the phone's unique identifier ([[UIDevice device] uniqueIdentifier]) stored in a new column. Later, when users are ready to create a username/password, the account will be updated to contain the username and password, leaving the iPhone unique identifier intact. Users should not be able to access the website until they've setup their username/password. They can however, use the iPhone application, since the application can authenticate itself using it's identifier. What is the best way to modify restful_authentication to do this? Create a plugin? Or modify the generated code? What about alternative frameworks, such as AuthLogic. What is the best way to allow iPhones to get a generated auth token locked to their UUID's, but then let the user create a username/password later?

    Read the article

  • spring 3 mvc requestmapping dynamic param problem

    - by Faisal khan
    I have the following code which works fine with http://localhost:8080/HelloWorldSpring3/forms/helloworld but i want to have url have some thing like this http://localhost:8080/HelloWorldSpring3/forms/helloworld/locname_here/locid_here I found that adding this @RequestMapping("/helloworld/**") will work but when i try to access http://localhost:8080/HelloWorldSpring3/forms/helloworld/locname_here/locid_here it is not found. Web.xml entry as follows <servlet-mapping> <servlet-name>dispatcher</servlet-name> <url-pattern>/forms/*</url-pattern> </servlet-mapping> Mapping bean entry @RequestMapping("/helloworld/**") public ModelAndView helloWord(){ String message = "Hello World, Spring 3.0!"; return new ModelAndView("helloworld", "message",message); }

    Read the article

  • What is the correct response for web service?

    - by Eric
    One of my web services returns the list of ids of the the projects a person is owner of. That is, when I GET http://example.com/wsListProjects?user=eric I get back xml with the list of projects. However, when I specify user=xxx, who doesn't exist, I currently return a 404 response? Is this the correct response to return? Thanks.

    Read the article

  • Proper use of HttpRequestInterceptor and CredentialsProvider in doing preemptive authentication with

    - by Preston
    I'm writing an application in Android that consumes some REST services I've created. These web services aren't issuing a standard Apache Basic challenge / response. Instead in the server-side code I'm wanting to interrogate the username and password from the HTTP(S) request and compare it against a database user to make sure they can run that service. I'm using HttpClient to do this and I have the credentials stored on the client after the initial login (at least that's how I see this working). So here is where I'm stuck. Preemptive authenticate under HttpClient requires you to setup an interceptor as a static member. This is the example Apache Components uses. HttpRequestInterceptor preemptiveAuth = new HttpRequestInterceptor() { @Override public void process( final HttpRequest request, final HttpContext context) throws HttpException, IOException { AuthState authState = (AuthState) context.getAttribute(ClientContext.TARGET_AUTH_STATE); CredentialsProvider credsProvider = (CredentialsProvider) context.getAttribute( ClientContext.CREDS_PROVIDER); HttpHost targetHost = (HttpHost) context.getAttribute(ExecutionContext.HTTP_TARGET_HOST); if (authState.getAuthScheme() == null) { AuthScope authScope = new AuthScope(targetHost.getHostName(), targetHost.getPort()); Credentials creds = credsProvider.getCredentials(authScope); if (creds != null) { authState.setAuthScheme(new BasicScheme()); authState.setCredentials(creds); } } } }; So the question would be this. What would the proper use of this be? Would I spin this up as part of the application when the application starts? Pulling the username and password out of memory and then using them to create this CredentialsProvider which is then utilized by the HttpRequestInterceptor? Or is there a way to do this more dynamically?

    Read the article

  • YQL and FLickr query not understood in the console

    - by Daniel Hertz
    Hello, So I am trying to use YQL to access the flickr api but I have been having some issues. From reading the YQL info, it seemed like I could use any flickr query in YQL but for some reason I cannot use flickr.people.getPublicPhotos call to access all pictures from a certain person. When I try any such query it isn't recognized. Is this possible? Am I doing something wrong? Thanks!

    Read the article

  • Get HTTP Get parameters from Restlet Request

    - by Holograham
    I am trying to figure out how to get the parameters from a Restlet request object. my request comes in as /customer?userId=1 and I want to grab the parameter to pass to my DAO for the query. @Get("xml") public Representation toXml() throws ResourceException, Exception { try { //get param from request //call DAO with parameter } catch(Exception e) { throw e; } }

    Read the article

  • asp.net mvc got 405 error on HTTP DELETE request?

    - by DucDigital
    Hi everyone... Im trying to pass the DELETE to a url in asp.net mvc using Javascript but however i always got "405 Method not allow" return. is there anyway to make this work? FYI: i've put the [AcceptVerb(HttpVerb.Delete)] attribute on my controller. DELETE /post/delete/8 this is the request

    Read the article

  • Ruby ways to authenticate using headers?

    - by webdestroya
    I am designing an API system in Ruby-on-Rails, and I want to be able to log queries and authenticate users. However, I do not have a traditional login system, I want to use an APIkey and a signature that users can submit in the HTTP headers in the request. (Similar to how Amazon's services work) Instead of requesting /users/12345/photos/create I want to be able to request /photos/create and submit a header that says X-APIKey: 12345 and then validate the request with a signature. Are there any gems that can be adapted to do that? Or better yet, any gems that do this without adaptation? Or do you feel that it would be wiser to just have them send the API key in each request using the POST/GET vars?

    Read the article

  • Receiving a JSON string & saving one of the array paramaters to the database as a full string

    - by ElTren
    Hi I have a JSON string that looks like this (Usingt Rails and a REST service) { person: { name:"Pepe", last:"Smith" hats:[ { team:"lakers", color:"purple"}, { team:"heats", color:"red" }] } } I want to be able to able to get that JSON, and save the Person to the database, but I want to save the "hats".. as a string to the database; without parsing it or anything like that i.e. I want to save this to SQL: hats = "[ { team:"lakers", color:"purple"}, { team:"heats", color:"red" }] }" Is there a way to do this in rails?

    Read the article

  • Rails method as a nested resource

    - by Blastula
    Hello, I'm wondering about the clever way to do this... I have methods that return a value when passed an an object as parameter, such as: <%= average_rainfall(@location) % I'd like to use the exact same methods as a nested resource to call via jQuery/Ajax, like so: .load('/location/8/average_rainfall') I understand how to define the route, but how do I tell my method to 'find' /location/8 and use that as it's parameter instead of @location as expected? Thanks!

    Read the article

  • What's an appropriate HTTP status code to return by a REST API service for a validation failure?

    - by michaeljoseph
    I'm currently returning 401 Unauthorized whenever I encounter a validation failure in my Django/Piston based REST API application. Having had a look at the HTTP Status Code Registry I'm not convinced that this is an appropriate code for a validation failure, what do y'all recommend? 400 Bad Request 401 Unauthorized 403 Forbidden 405 Method Not Allowed 406 Not Acceptable 412 Precondition Failed 417 Expectation Failed 422 Unprocessable Entity 424 Failed Dependency Update: "Validation failure" above means an application level data validation failure ie. incorrectly specified datetime, bogus email address etc.

    Read the article

  • Rails - Seeking a Dry authorization method compatible with various nested resources

    - by adam
    Consensus is you shouldn't nest resources deeper than 1 level. So if I have 3 models like this (below is just a hypothetical situation) User has_many Houses has_many Tenants and to abide by the above i do map.resources :users, :has_many => :houses map.resorces :houses, :has_many => :tenants Now I want the user to be able edit both their houses and their tenants details but I want to prevent them from trying to edit another users houses and tenants by forging the user_id part of the urls. So I create a before_filter like this def prevent_user_acting_as_other_user if User.find_by_id(params[:user_id]) != current_user() @current_user_session.destroy flash[:error] = "Stop screwing around wiseguy" redirect_to login_url() return end end for houses that's easy because the user_id is passed via edit_user_house_path(@user, @house) but in the tenents case tenant house_tenent_path(@house) no user id is passed. But I can get the user id by doing @house.user.id but then id have to change the code above to this. def prevent_user_acting_as_other_user if params[:user_id] @user = User.find(params[:user_id] elsif params[:house_id] @user = House.find(params[:house_id]).user end if @user != current_user() #kick em out end end It does the job, but I'm wondering if there is a more elegant way. Every time I add a new resource that needs protecting from user forgery Ill have to keep adding conditionals. I don't think there will be many cases but would like to know a better approach if one exists.

    Read the article

  • simple authorisation in web api

    - by monthon1
    I want to make nice and clean api; I'm making site and I want to offer the ability to mobile apps use web API of my site. I don't want to use oAuth, becouse the mobile and embedded applications that are facing the biggest hurdle, as they may not be able to bring up and/or control the web browser. Also its a little complicate. I know, that HTTP basic authorisation is not safe, but it's so simple... I want to use it in my api. I have somee users logins and their passwords (md5-encoded) in mysql base, but how to use those data in this HTTP basic authorisation?

    Read the article

  • Bizarre Bug with our Rails app in IE

    - by Callmeed
    We're experiencing a really bizarre bug in our Rails 2.3.4 app. This bug only happens in Internet Explorer (7 and 8). Here's what happens: A new customer creates an account at https://domain.com/signup/free (notice no subdomain) Their account is identified by a subdomain like "example.domain.com" After signing up, they get a welcome screen with a link to their account's home page They follow the link, then click the "log in" button and attempt to login Even though they provide valid credentials, the app redirects back to their account's root url ... they can never reach their admin area The only way they can login (on IE) is by quitting and re-opening IE ... then it works fine ... Something with their initial session is preventing them from logging in. If it matters, we are using restful_authentication and the ssl_requirement plugin ... I'm not sure if one or both of those has a problem with IE but we are stumped here. Also, I've read IE has an issue with subdomains that contain underscores ... this isn't what's going on.

    Read the article

  • Spring MVC 3.0 Rest problem

    - by Gidogeek
    Hi Guys, I'm trying out Spring MVC 3.0 for the first time and like to make it RESTfull. This is my controller: @Controller @RequestMapping(value = "/product") @SessionAttributes("product") public class ProductController { @Autowired private ProductService productService; public void setProductValidator(ProductValidator productValidator, ProductService productService) { this.productService = productService; } @RequestMapping(method = RequestMethod.GET) public Product create() { //model.addAttribute(new Product()); return new Product(); } @RequestMapping(method = RequestMethod.POST) public String create(@Valid Product product, BindingResult result) { if (result.hasErrors()) { return "product/create"; } productService.add(product); return "redirect:/product/show/" + product.getId(); } @RequestMapping(value = "/show/{id}", method = RequestMethod.GET) public Product show(@PathVariable int id) { Product product = productService.getProductWithID(id); if (product == null) { //throw new ResourceNotFoundException(id); } return product; } @RequestMapping(method = RequestMethod.GET) public List<Product> list() { return productService.getProducts(); } } I have 2 questions about this. I'm a believer in Convention over Configuration and therefor my views are in jsp/product/ folder and are called create.jsp , list.jsp and show.jsp this works relatively well until I add the @PathVariable attribute. When I hit root/product/show/1 I get the following error: ../jsp/product/show/1.jsp" not found how do I tell this method to use the show.jsp view ? If I don't add the RequestMapping on class level my show method will be mapped to root/show instead of root/owner/show how do I solve this ? I'd like to avoid using the class level RequestMapping.

    Read the article

  • Removing email activation from restful_authentication plugin

    - by allesklar
    I have a Rails app handling authentication with the restful_authentication plugin. I'm experiencing problems with the email activation feature and before I deal with that I would like to just allow my users to register without having to go through the email activation process. How do I disable the email activation feature. Rails 2.2.3 Restful_authentication

    Read the article

  • How to use PHP-based authentication from non-PHP based AJAX app?

    - by DavidR
    I've been asked to create a stand-alone webapp using "straight" HTML and Javascript that does user authentication against an existing PHP app (backend is MySQL). Unfortunately, I really don't have a firm grasp on how PHP authentication works, and I'd rather not invest a lot of time in learning PHP just for this particular case. I can see two possibilites so far 1) create a PHP wrapper around my new app and use native PHP authentication (don't like this) 2) create a simple REST-ful webservice around the PHP authentication (don't know how to do this) Anything else I should consider? Help is much appreciated!

    Read the article

  • What is the current standard for authenticating Http requests (REST, Xml over Http)?

    - by CodeToGlory
    The standard should solve the following Authentication challenges like- Replay attacks Man in the Middle Plaintext attacks Dictionary attacks Brute force attacks Spoofing by counterfeit servers I have already looked at Amazon Web Services and that is one possibility. More importantly there seems to be two most common approaches: Use apiKey which is encoded in a similar fashion like AWS but is a post parameter to a request Use Http AuthenticationHeader and use a similar signature like AWS. Signature is typically obtained by signing a date stamp with an encrypted shared secret. This signature is therefore passed either as an apiKey or in the Http AuthenticationHeader. I would like to know weigh both the options from the community, who may have used one or more and would also like to explore other options that I am not considering. I would also use HTTPS to secure my services.

    Read the article

  • Network ActiveRecord relation with Rails

    - by Zag zag..
    Hi, I have a has and belongs to many relation between User and Article models, and I would like to link them even if an article if not hosted on the same database then a user. For example, If an article exists at foo.com/articles/3 and a user exists at bar.com/users/1, If would like to be able to do from foo.com web interface or bar.com web interface this kind of query: a_user.articles (or an_article.users). I think this can be possible adding a field like "url" in users and articles tables. But I don't know how to process for ActiveRecord. My Article model looks like this: class Article < ActiveRecord::Base has_and_belongs_to_many :users end Is there yet some example of project using this kind of relation over internet? Many thanks

    Read the article

  • Saving form values to database after a user logs in

    - by redfalcon
    Hi. We have a form with ratings to submit for a certain restaurant. After the user has entered some values and wants to submit them, we check whether the user is logged in or not. If not, we display a login form and let the user put in his account data and redirect him to the restaurant he wanted to submit a rating for. The problem is, that after he successfully logged in himself, the submitted values are not saved to the database (which works fine if the user is already logged in). So I wondered if it is possible, to somehow save the data although the user is not logged in. I thought of maybe saving the filled values in a variable and have then automatically re-entered after we redirected the user. But I guess this wont work because we use before_filter :login_required, :only => [ :create ] So we couldnt even access the filled in values, since we display the login-form before the method has processed the values in the form, right? Any idea how we can make rails to save the values or at least have them automatically re-entered to the form? Thanks!

    Read the article

< Previous Page | 56 57 58 59 60 61 62 63 64 65 66 67  | Next Page >