Hi alf, Security is a pretty large field, and I am not a cryptographer (IANAC ;-) so take this with a grain of salt.
One way that you could authenticate a user over a direct HTTPS request (not using a browser) is to send the credentials over HTTPS using Digest Auth. This wikipedia article has some good information: http://en.wikipedia.org/wiki/Digest_access_authentication I recommend tunneling the request and response data through HTTPS to provide a measure of privacy. Additional encyption might be desirable depending on your level of paranoia :-) There are more secure options than digest auth, I mentioned it because it seems pretty simple. Digital Singatures using Public Key cryptography would probably be more secure, but it might be a bit more difficult to set up. Basic Auth would be even easier to implement than Digest Auth, but is less secure. Anyone else have a recommendation for alf? Thank you, Jeff On Dec 3, 2:45 pm, alf <[EMAIL PROTECTED]> wrote: > hi all, > > i would like know how to connect to my app engine with a user/password > without user interaction similar like connections string in sqlserver > or other ddbb, obviously passing this data trought internet with > privacy. > > thanks --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---
