[aerogear-dev] Security / HTTP Basic: server interaction for Login/logout ?

Hi, we do have server side endpoints, for login/logout: SPEC: http://aerogear.org/docs/specs/aerogear-rest-api/ TODO demo: https://github.com/aerogear/TODO/blob/master/server/src/main/java/org/aer... (routes to https://github.com/aerogear/TODO/blob/master/server/src/main/java/org/aer... ) One thing that I noticed, when talking w/ Christos about the HTTP BASIC support, is that currently the modules "just" set the credentials on "LOGIN", and they perform a "clean-up", on the logout. For both, login/logout, no request is send to the matching "endpoints" on the server-side Android (logout): https://github.com/aerogear/aerogear-android/blob/29b70da146e965e18ae9b69... iOS (logout): https://github.com/cvasilak/aerogear-ios/blob/464b981e4aafbace032cd403163... Not sure, but ususally, a logout against the server also performs some sort of clean up. For instance in the TODO demo, it issues a logout against the IDM: https://github.com/aerogear/TODO/blob/master/server/src/main/java/org/aer... Greetings, Matthias -- Matthias Wessendorf blog: http://matthiaswessendorf.wordpress.com/ sessions: http://www.slideshare.net/mwessendorf twitter: http://twitter.com/mwessendorf