Bill Moseley wrote: > On Mon, Oct 15, 2007 at 09:16:14AM +0100, Ash Berlin wrote: >>> I'm toying with using a ticket based authentication where the token >>> would be sent in the XMLRPC request body, but use the existing >>> (cookie-based) session setup that that application uses. >>> >> Using cookies for XMLRPC is considered bad form - most clients that talk >> to XMLRPC wont have a cookie jar. > > Just to be clear, the paragraph above is about *not* using cookies for > the XMLRPC request. >
Ah okay. Yeah I mis-read it, but I see what you mean know: You are talking about pulling the session id out of the XML request, thus letting $c->session being used as normal. _______________________________________________ List: [email protected] Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/
