Whenever you are creating a rest api and connecting to orientdb instance , then you need to have proper header in place. The most important is authorizarion header which changes on every machine. We need to know what is the authorization token on that particular instance , which can be detected by proxy tools.
On Tuesday, 11 March 2014 12:49:26 UTC+5:30, Gaurav Dhiman wrote: > > I noted that the way OrientDB authenticate user for every HTTP access is > by expecting username:password encoded in base64 for every HTTP call. Isn't > that a bad idea. > > I think, username:password should only be expected once at the time of > login (HTTP connect call). Once connect is successful, OrientDB should > return session ID and in consecutive call to ORientDB server that session > ID should be sent in place of username:password combination. Using > sessionID OrientDB should be able to fetch current logged-in user and and > its details at server end to perform specific actions. > > Can we achieve above in OrientDB (for HTTP REST calls) ? > > Regards, > Gaurav > -- --- You received this message because you are subscribed to the Google Groups "OrientDB" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
