[aerogear-dev] Few suggestions about push quickstarts
Matthias Wessendorf
matzew at apache.org
Thu Jun 27 12:56:24 EDT 2013
https://issues.jboss.org/browse/AGPUSH-124
On Thu, Jun 27, 2013 at 6:36 PM, Matthias Wessendorf <matzew at apache.org> wrote:
> On Thu, Jun 27, 2013 at 6:34 PM, Sebastien Blanc <scm.blanc at gmail.com> wrote:
>>
>>
>>
>> On Thu, Jun 27, 2013 at 6:17 PM, Bruno Oliveira <bruno at abstractj.org> wrote:
>>>
>>> Good morning, today I was looking at the quickstart demo for push and
>>> would like to make some considerations and see what do you guys think.
>>> In this way we can file jiras to move forward.
>>>
>>> - The quickstart make use of AeroGear Controller. IMO we should move to
>>> Resteasy
>>
>>
>> +1 , I have a local brach with resteasy, will be pushed tomorrow ;)
>
> let's file a JIRA and attach a PR for that JIRA ;-)
>
>>>
>>> - Code formatting, do we have a template for it? I don't want to mess up
>>> with the project.
>>
>> Yeah, sorry, that is also my fault, is
>> https://github.com/aerogear/ide-config still up to date and shall I use this
>> one ?
>>
>>> - Something that brought to my attention, after discuss with Passos some
>>> issues on Android is when you send: curl -v -b cookies.txt -c
>>> cookies.txt -H "Accept: application/json" -H "Content-type:
>>> application/json" -X POST -d '{"loginName": "john", "password":"123"}'
>>> http://localhost:8080/prodoctor/login
>>>
>>> The HTTP response is:
>>>
>>>
>>> {"id":"8a7d9bfd-6adc-475a-9b90-407efb6bcae5","enabled":true,"createdDate":1372349593981,"expirationDate":null,"partition":null,"loginName":"john","firstName":null,"lastName":null,"email":null,"status":"PTO","password":"123","location":"New
>>> York"}
>>>
>>> Attributes like expirationDate, partition and mailing password should
>>> never be sent back. For more details please take a look at how aerogear
>>> controller demo handle it
>>>
>>> https://github.com/aerogear/aerogear-controller-demo/blob/master/src/main/java/org/jboss/aerogear/controller/demo/Login.java#L48.
>>>
>>> Behind the scenes PicketLink already encrypts the passwords on AGSec,
>>> but I can't do so much if they're sent back through the network. Thoughts?
>>
>>
>> Yes I have to filter the answer like you did in controller, thanks for
>> pointing that out.
>>>
>>>
>>> --
>>> abstractj
>>>
>>> _______________________________________________
>>> aerogear-dev mailing list
>>> aerogear-dev at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>>
>>
>>
>> _______________________________________________
>> aerogear-dev mailing list
>> aerogear-dev at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/aerogear-dev
>
>
>
> --
> Matthias Wessendorf
>
> blog: http://matthiaswessendorf.wordpress.com/
> sessions: http://www.slideshare.net/mwessendorf
> twitter: http://twitter.com/mwessendorf
--
Matthias Wessendorf
blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf
More information about the aerogear-dev
mailing list