On Thu, Feb 9, 2012 at 2:19 PM, Muruga <[email protected]> wrote: > Hi All > I am working an Rails 2.3.14.I am providing web services for > an iphone app thru xml. > My Rails app uses an authlogic gem for authentication.How to > authenticate a API call from an iphone app. > Initially i can able to sign up and login thru XML post > request.After login how my rails app identify me as a logged > user.Whether i need to provide any token after login and using token > for further request for an API call.I am novice in this.please suggest > me the best way to implement authentication for an iphone app. >
One typical way is to use a combination of * https (to authenticate the server and encrypt the channel) * use "Basic Authentication" through this channel Check e.g. curl -u/--user <user:password> as a way to test this. The user:password combination is sent with each request (but this is encrypted by using https). In Rails the set-up of Basic Authentication is very simple (that is a "good thing" less chance to make security errors) Of course, you need an SSL certificate for your server to do this. Since you say you are novice, make sure you let your solution validate by a person with deep security experience before putting it in real production. HTH, Peter *** Available for a new project *** Peter Vandenabeele http://twitter.com/peter_v http://rails.vandenabeele.com http://coderwall.com/peter_v -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
