Most OpenSocial containers including orkut can digitally sign requests -- when signed, requests include the container's name, application URL, owner ID, and a signature which you can verify on your back-end (in orkut's case, using its public key). The links below should help you get started:
http://code.google.com/p/opensocial-resources/wiki/GadgetsMakeRequest The last section has information on how to create a request that will be signed by the container. http://code.google.com/p/opensocial-resources/wiki/OrkutValidatingSignedRequests Provides sample code in PHP and Java for validating signed requests on your back-end. Cheers! - Jason On Aug 29, 12:06 pm, "Fernando chucre" <[EMAIL PROTECTED]> wrote: > How I can validate if the source of request is the container? > > thanks > > -- > Fernando Chucre - LPIC-1http://www.horizontesdigitais.com --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Orkut Developer Forum" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/opensocial-orkut?hl=en -~----------~----~----~----~------~----~------~--~---

