Hi Jun, login/logout can be implemented in order to store on the client side user credentials that are sent with HTTP requests. Currently there is no way in the REST-api to get a "session token" (like the cookie sent after a login is made using the web form) so that subsequent requests are performed on the behalf of a previously authenticated user.
So what is usually done is to send basic-auth credentials with each request. You can start with this. Next you might try to retrieve the cookie by faking a standard login and using that cookie in subsequent requests. The ideal setting would be to implement server side some OAuth-like mechanism, but this is out of scope wrt your project. -Fabio On Sat, Jun 4, 2011 at 6:27 PM, Jun Han <[email protected]> wrote: > Dear all, > > I am on the way of replacing the xmlrpc implementation of > RemoteXWikiDataStorage implements IDataStorage {}. > > One question is about how to implement login and logout functionality > via REST API. > From REST API document, users can be authenticated via something like: > 1. XWiki session > 2. HTTP Basic Auth. > > HTTP basic auth can be implemented via adding HTTP header to the HTTP > request, then XEclipse can display Xwiki Resources by parsing the response. > > Therefore, do we need to implement login and logout methods? > > Best regards > Jun Han > _______________________________________________ > devs mailing list > [email protected] > http://lists.xwiki.org/mailman/listinfo/devs > _______________________________________________ devs mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/devs
