You certainly need it with XWiki session.
In general, XWiki session is more secure because:
- the login part can be made over https if needed
- then, no password but only a session ID is exchange (typically bound to the
IP)
I agree it makes no sense to login with Basic Auth.
paul
Le 4 juin 2011 à 18:27, Jun Han a écrit :
> Dear all,
>
> I am on the way of replacing the xmlrpc implementation of
> RemoteXWikiDataStorage implements IDataStorage {}.
>
> One question is about how to implement login and logout functionality
> via REST API.
> From REST API document, users can be authenticated via something like:
> 1. XWiki session
> 2. HTTP Basic Auth.
>
> HTTP basic auth can be implemented via adding HTTP header to the HTTP
> request, then XEclipse can display Xwiki Resources by parsing the response.
>
> Therefore, do we need to implement login and logout methods?
>
> Best regards
> Jun Han
> _______________________________________________
> devs mailing list
> [email protected]
> http://lists.xwiki.org/mailman/listinfo/devs
_______________________________________________
devs mailing list
[email protected]
http://lists.xwiki.org/mailman/listinfo/devs
