[aerogear-dev] Few suggestions about push quickstarts
Matthias Wessendorf
matzew at apache.org
Thu Jun 27 12:32:32 EDT 2013
On Thu, Jun 27, 2013 at 6:17 PM, Bruno Oliveira <bruno at abstractj.org> wrote:
> Good morning, today I was looking at the quickstart demo for push and
> would like to make some considerations and see what do you guys think.
> In this way we can file jiras to move forward.
>
> - The quickstart make use of AeroGear Controller. IMO we should move to
> Resteasy
+1 - I think it was already mentioned on that original thread (or an IRC).
> - Code formatting, do we have a template for it? I don't want to mess up
> with the project.
yes. You mean "check-style" (part of the build), or more a "template" ?
> - Something that brought to my attention, after discuss with Passos some
> issues on Android is when you send: curl -v -b cookies.txt -c
> cookies.txt -H "Accept: application/json" -H "Content-type:
> application/json" -X POST -d '{"loginName": "john", "password":"123"}'
> http://localhost:8080/prodoctor/login
>
> The HTTP response is:
>
> {"id":"8a7d9bfd-6adc-475a-9b90-407efb6bcae5","enabled":true,"createdDate":1372349593981,"expirationDate":null,"partition":null,"loginName":"john","firstName":null,"lastName":null,"email":null,"status":"PTO","password":"123","location":"New
> York"}
>
> Attributes like expirationDate, partition and mailing password should
> never be sent back. For more details please take a look at how aerogear
> controller demo handle it
> https://github.com/aerogear/aerogear-controller-demo/blob/master/src/main/java/org/jboss/aerogear/controller/demo/Login.java#L48.
>
> Behind the scenes PicketLink already encrypts the passwords on AGSec,
> but I can't do so much if they're sent back through the network. Thoughts?
yep, makes sense :)
>
> --
> abstractj
>
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev
--
Matthias Wessendorf
blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf
More information about the aerogear-dev
mailing list