Hi Anthony, Restful API are not fully implemented for direct url call as that will need OAuth support. In that case OAuth token will be passed to identify application's authenticity. Right now no authentication is done in direct url calls like :
http://localhost:8012/social/rest/people/10050/@self Which are known as anonyms calls and allowed till the OAuth support is implemented. but when you run any container for example sample container it sends the security token to the server. Chris please correct me if I am wrong. On Thu, Aug 28, 2008 at 6:38 AM, Anthony Lai <[EMAIL PROTECTED]>wrote: > Hi Ram, > > But for the restful api, as least when I am using it right now in my > shindig build, I do not need to pass any tokens, and data can be returned. > For example, when I put: > > http://localhost:8012/social/rest/people/10050/@self > > It returns the person with id 10050. How are tokens being passed to > Shindig for restful apis? > > Thanks. > Sincerely, > Anthony > > > Ram Sharma wrote: > >> Hi Anthony, >> >> When ever you make a call to Shindig you have to pass a Security token(or >> OAuth token). That token contains the appId and may be the URL of the >> gadget >> also. So, I think that way you can Identify which application/gadget is >> making the request. >> >> hope that helps. >> >> Anybody feels I am wrong please correct me. >> >> >> >> >> On Tue, Aug 26, 2008 at 6:13 AM, Anthony Lai <[EMAIL PROTECTED] >> >wrote: >> >> >> >>> Hi, >>> >>> I am currently implementing shindig, and we provide data differently to >>> different types of apps (trusted, untrusted), so trusted apps would get >>> more >>> privacy data. For the restful API, is there a way to figure out which >>> app >>> is requesting the data? >>> >>> Thanks. >>> Sincerely, >>> Anthony >>> >>> >>> >> >> >> >> >> > > -- Ram Sharma Software Engineer Impetus Infotech (India) Pvt Ltd Indore
