Hi Timo, Thanks a lot for the insights... I will try that approach well and get back to you.
Once you post it on your blog, please place the link here to for reference to us... Thank you again for all the help. Bruno On Mar 13, 3:48 am, Timo Michna <[email protected]> wrote: > Hi! > Could we send more data to APE then to be processed? Let's say, like a > hash for the authentication key plus something that APE could decode > and verify? > I thought about this, too. > The one solution I have for now: > If the user authenticates through the system a unique key will be > generated(one could use the session key) which is passed to the Client.The > key has to be stored in the system to be later referenced by the push > script.The client now connects to APE with this key. Something like this: > client.core.start({"name": 'UserName', > "key":"321"}); client.addEvent('ready', function() > { client.core.join('UserChannel');} > On the server side you create a connect hook > Ape.registerHookCmd("connect", function(params, cmd) { [...see > APE_Server/scripts/examples/nickname.js] // this makes the key > a private property on user cmd.user.key = params.key > return 1;}); > So still anyone could connect to the channel, but we have to makesure, that > only the valid user gets our message. So the script to dothe push also sends > the secret key of the user.Something like this (again like the Controller > demo) > var chan = > Ape.getChannelByName(params.channel);chan.userlist.each(function(user){ > if(user.key == params.key){ user.pipe.sendRaw(params.raw, params.data); > } }); > While I have not tested it, this approach should work. (Another solution > would be, not to do the channel connection througha client call but also in > the connection hook. This will not prevent someonefrom connecting to the > channel, but makes guessing a bit harder) > I hope I can do a proper test over the weekend and then Iwill do a blog post > so more people can find it. > Please, tell me when you might find a reasonable mistake in the solution. > have a nice weekend :o)Timo > > --- bruno.braga <[email protected]> schrieb am Fr, 12.3.2010: > > Von: bruno.braga <[email protected]> > Betreff: [APE Project] Re: Reaching users with external push > An: "APE Project" <[email protected]> > Datum: Freitag, 12. März, 2010 18:43 Uhr > > Thanks for the reply. > > Actually, this already helps... but you are right, the security is > another point we need to be concerned, as we need to find a way to > share the web system authentication to the channel creation in APE > server, or a simple sniffing could show how our page connects to APE > and then logs in to particular channels without being authenticated in > the main system. > > Could we send more data to APE then to be processed? Let's say, like a > hash for the authentication key plus something that APE could decode > and verify? > > Thanks again for the help, > > Bruno > > On Mar 13, 1:30 am, Timo Michna <[email protected]> wrote: > > > > > Hi Bruno! > > There is a relatively easy solution for what you want.(It doesn´t take > > security into account but you can enhance it with further checks). > > You do not actually need to send a mail-adress, the very simplesolution is > > to create a special channel, which is associated withthe User´s > > name. browser-side: > > client.core.join('userNameChannel'); > > Then on server-side do a lookup for the channeland send the message (as > > like in the Command demo): > > var chan = Ape.getChannelByName('userNameChannel');if (!$defined(chan)) > > return ["401", "UNKNOWN_CHANNEL"];chan.pipe.sendRaw(raw, data); > > That would be one solution. There are more sophisticated ones,but only to > > point you in a direction. > > Hope this helps a little :o) > > Timo > > > --- bruno.braga <[email protected]> schrieb am Fr, 12.3.2010: > > > Von: bruno.braga <[email protected]> > > Betreff: [APE Project] Reaching users with external push > > An: "APE Project" <[email protected]> > > Datum: Freitag, 12. März, 2010 15:19 Uhr > > > Hi, > > > I am participating indirectly of a project that is attempting to use > > APE as part of its solution, and I got intrigued with a particular > > situation we need to solve. Sorry my ignorance if I am saying > > something wrong here. I also tried to search this a little bit, but > > didn't find anything that could help me understand it better (well, or > > maybe wrong keywords). > > > Anyway, here is my problem: I need to be able to send information to > > specific users that are connected to the APE server, but the agent > > executing the push is not connected to APE directly (it is not a web > > client, but rather a script being triggered from a specific event on > > our system). If you are on an example like a chat, where you have the > > channel between 2 users, APE only needs to know the pubid of each user > > to handles its location. But in our case, as my script is not > > channeled to any user at all, how do I know where is this user? (since > > I don't know any pubids). > > > The solution we are trying to apply is to add more info in the APE > > server, let's say an email address for instance, so if I push > > something to it for a user from a particular email, then APE knows > > where this user is located to push the message to the browser. > > > Are we going on a bad direction, or, is there a better way to achieve > > that? > > > Thanks in advance, > > > Bruno > > > -- > > You received this message because you are subscribed to the Google > > Groups "APE Project" group. > > To post to this group, send email to [email protected] > > To unsubscribe from this group, send email to > > [email protected] > > For more options, visit this group > > athttp://groups.google.com/group/ape-project?hl=en > > --- > > APE Project (Ajax Push Engine) > > Official website :http://www.ape-project.org/ > > Git Hub :http://github.com/APE-Project/ > > > __________________________________________________ > > Do You Yahoo!? > > Sie sind Spam leid? Yahoo! Mail verfügt über einen herausragenden Schutz > > gegen Massenmails.http://mail.yahoo.com > > -- > You received this message because you are subscribed to the Google > Groups "APE Project" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to > [email protected] > For more options, visit this group > athttp://groups.google.com/group/ape-project?hl=en > --- > APE Project (Ajax Push Engine) > Official website :http://www.ape-project.org/ > Git Hub :http://github.com/APE-Project/ > > __________________________________________________ > Do You Yahoo!? > Sie sind Spam leid? Yahoo! Mail verfügt über einen herausragenden Schutz > gegen Massenmails.http://mail.yahoo.com -- You received this message because you are subscribed to the Google Groups "APE Project" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/ape-project?hl=en --- APE Project (Ajax Push Engine) Official website : http://www.ape-project.org/ Git Hub : http://github.com/APE-Project/
