[
https://issues.apache.org/jira/browse/SHINDIG-1768?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Stanton Sievers resolved SHINDIG-1768.
--------------------------------------
Resolution: Fixed
Committed revision 1335707.
> Add shindig security token to makeRequest header
> ------------------------------------------------
>
> Key: SHINDIG-1768
> URL: https://issues.apache.org/jira/browse/SHINDIG-1768
> Project: Shindig
> Issue Type: Improvement
> Components: Java
> Affects Versions: 2.5.0
> Reporter: Brian Lillie
> Fix For: 2.5.0
>
> Attachments: mr_3.patch
>
>
> Following on in the same vein as SHINDIG-1756, we want to better identify the
> source of the requests coming into the server via makeRequest. If the
> request authz is not none, then the security token flows. if the authz is
> NONE, the security token is not sent. This change would be to include the
> security token on every request. Since including the token on the URL
> parameter would break the ability to cache, the security token will instead
> be added as a header named X-Shindig-ST on all requests. On the shindig
> server side, the header will be processed if there is not already a token
> supplied as a url parameter or oauth related parameter.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
