Hello everyone, it was quiet the last week, well I had a bad cold so Milestone 2 starts a bit late... Milestone 2 is about client authentication. GData client auth is also defined (well kind of) in the gdata protocol reference on code.google.com. The client is supposed to support either a cookie base auth or just an auth token send back as an post response. The client authenticates itself via a post request to the servers auth interface sending following parameters:
[EMAIL PROTECTED]&Passwd=north23AZ&service=servicename&source=Gulp-CalGulp-1.05 the email represents the account name which is associated with a service provided by the server. Each server can provides m services with n feeds. Each feed belongs to one account. As it is quiet hard to figure out whether a client does support plain token or cookie auth I will send both back to the client. after the client has received the auth token or cookie it will call some restricted resource on the server sending either the cookie or the auth token. The cookie contains only the auth token. So these are facts, I will generate a MD5 key as the auth token using the email, password and a timestamp or something similar and save it on the server in a kind of a session storage. the session storage will hold the sessions for a certain time and will invalidate it if it is timed out. Additionally i will save the client ip (at least the first 32 bits) within the session and check it on subsequent requests. So this is fine as long as the server is a stand alone server. What happens if there is a load balancer and a server farm with more than one gdata server instances?! I could define all gdata servers in the cluster / farm in each config file and if a session is created or modified the current server sends a notice to all other servers to replicate the session. (Session is not the HTTPSession). But this could be quiet a lot of work so synchronize all hosts and register / unregister them if the crash... I guess this should be done in a later state of development, I just have 2 month left... So this might be a task for development after the SoC program has finished. Any Ideas about that? yours simon --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
