> 1> On client side, I should not allow(if possible redirect him to > login) the user to use my gadget till he logs into google account.
Use cookie detection, if the user has said cookie, then he is authenticated, if not redirect to login state. > 2> Through gadget, I should be able to submit or fetch contents over > HTTS. Does _IG_FetchContent not properly use an HTTPS URL? > 3>On server side, I should be able to know the request really came > from igoogle. You can detect what headers are sent with a request, although this doesn't mean it couldn't be spoofed. Perhaps link the key in the user's login cookie to a session in the server side so that each request is stamped with the key, thus validating the request to a corresponding authenticated user. On Oct 20, 2:03 pm, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> wrote: > Hi All, > > Let me describe my requirements: > > 1> On client side, I should not allow(if possible redirect him to > login) the user to use my gadget till he logs into google account. > > 2> Through gadget, I should be able to submit or fetch contents over > HTTS. > > 3>On server side, I should be able to know the request really came > from igoogle. > > I read some of the documentation in igoogle for the above issues and > looks like none of them suits my requirements. > > thanks, > -Shiva --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "iGoogle Developer Forum" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/Google-Gadgets-API?hl=en -~----------~----~----~----~------~----~------~--~---
