[aerogear-dev] Authentication issues
Bruno Oliveira
bruno at abstractj.org
Mon Sep 9 11:34:31 EDT 2013
ATM yes, why? Because we make use of entities from the IDM. But there
are many solutions to this problem.
- Implement your own User on the server (only for ag-demo aka the good
ol' AeroGearUser)
- Change the way how AG controller parse these parameters
- Send those credentials on HTTP header
- Get rid off AG controller and implement it on JAX-RS (I would vote for
this one)
Summers Pittman wrote:
> So the solution is to post a empty body with the credentials as query
> parameters in the URL?
>
> On Mon 09 Sep 2013 10:48:07 AM EDT, Bruno Oliveira wrote:
>> Try:
>>
>> curl -v -H "Accept: application/json" -H "Content-type:
>> application/json" -X POST
>> http://controller-aerogear.rhcloud.com/aerogear-controller-demo/login\?user.loginName\=john\&password\=123
>>
>>
>> After you get amused by the awesomeness into these parameters, we can
>> talk about the API design into the IDM :)
>>
>> Summers Pittman wrote:
>>> On Mon 09 Sep 2013 10:23:01 AM EDT, Apostolos Emmanouilidis wrote:
>>>> Probably you receive Bad Request status code because the posted JSON
>>>> does not match the login method signature [1] login(final User user,
>>>> String password).
>>>>
>>>> The JSON {"password":"123","loginName":"john"} would work if the login
>>>> method signature was: login(String loginName, String password).
>>>
>>> I tried a curl with the strings {"loginName":"john", "password":"123"}
>>> and {"user.loginName":"john", "password":"123"} and got the same result.
>>>
>>>> [1]:
>>>> https://github.com/aerogear/aerogear-controller-demo/blob/master/src/main/java/org/jboss/aerogear/controller/demo/Login.java#L47
>>>>
>>>>
>>>>
>>>>
>>>> On Mon, 2013-09-09 at 10:09 -0400, Summers Pittman wrote:
>>>>> We've been updating/regression checking some of our older demos on the
>>>>> Android side of things and are having trouble authenticating
>>>>> against the
>>>>> controller demo.
>>>>>
>>>>> Right now Android posts the following:
>>>>>
>>>>> {"password":"123","loginName":"john"
>>>>>
>>>>> to
>>>>>
>>>>> http://controller-aerogear.rhcloud.com/aerogear-controller-demo/login
>>>>>
>>>>> and receives
>>>>>
>>>>> HTTP/1.1 400 Bad Request
>>>>> {"error":"AG_CONTROLLER000010: Parameter: 'password' was
>>>>> missing from
>>>>> Request"}
>>>>>
>>>>> Any thoughts?
>>>>> _______________________________________________
>>>>> aerogear-dev mailing list
>>>>> aerogear-dev at lists.jboss.org
>>>>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>>>
>>>> _______________________________________________
>>>> aerogear-dev mailing list
>>>> aerogear-dev at lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>>
>>>
>>> _______________________________________________
>>> aerogear-dev mailing list
>>> aerogear-dev at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>
>>
>>
>> _______________________________________________
>> aerogear-dev mailing list
>> aerogear-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
>
--
abstractj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
Url : http://lists.jboss.org/pipermail/aerogear-dev/attachments/20130909/103e37d1/attachment-0001.bin
More information about the aerogear-dev
mailing list