2008/7/18, Chris Chabot <[EMAIL PROTECTED]>: > > While working on the PHP version of shindig, i actually went the anonymous > token route. > > What i did is construct a standard SecurityToken object, however with > viewer = owner = app id = 0, which is the magic 'anonymous' id. I thought > this makes sense since it's up to the SNS how to deal with anonymous data > access, some will allow full access to everything, some only to 'public > profiles', some only to a subset of the available information and some will > want to completely disallow it.. by passing it as an anonymous token, the > SNS's service layer can decide how to deal with it ... which seemed the > right solution to me. > > If you pick another solution on the java side let me know so i can adjust > accordingly :) > > -- Chris > > On Jul 18, 2008, at 4:38 PM, Paul Lindner wrote: > > >> I did just notice that a security token is now required for all REST >> operations. If I modify my implementation of SecurityTokenDecoder I can >> construct an 'anonymous' token and return that when a token is not presented >> (this would use a magic userid deemed 'anonymous')... Or we could catch the >> exception and continue processing in contexts where anonymous retrieval >> makes sense.... >> > >
-- -- Thanks, Gretchen May P. Gapol Software Engineer Exist Quest, Inc. 8/F i2 Building Asiatown IT Park, Lahug, Cebu City This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited.
