[SHINDIG-1768] Add shindig security token to makeRequest header - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 2.5.0
Fix Version/s: 2.5.0-beta2
Component/s: Java
Labels:
None

Description

Following on in the same vein as ~~SHINDIG-1756~~, we want to better identify the source of the requests coming into the server via makeRequest. If the request authz is not none, then the security token flows. if the authz is NONE, the security token is not sent. This change would be to include the security token on every request. Since including the token on the URL parameter would break the ability to cache, the security token will instead be added as a header named X-Shindig-ST on all requests. On the shindig server side, the header will be processed if there is not already a token supplied as a url parameter or oauth related parameter.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

mr_3.patch
08/May/12 19:25
5 kB
Brian Lillie

Issue Links

relates to

SHINDIG-1812 X-Shindig-St behaves differently when the security token is null between Firefox and WebKit browsers

Resolved

Activity

People

Assignee:: Unassigned

Reporter:: Brian Lillie

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 07/May/12 18:44

Updated:: 02/May/13 02:30

Resolved:: 08/May/12 19:31