Hi Stanton
Thanks for the reply. We want all requests to shindig include a token,
looks like this is currently available as you have mentioned.
Also can you let me know what I am getting errors while running mvn
install. I have changed container.js with "gadgets.securityTokenType" to
secure and added the path to the file which contains the key to
"gadgets.securityTokenKey". I am getting this error:
INFO: The security token or credential is malformed and cannot be parsed.
Results :
org.apache.shindig.auth.SecurityTokenException: Invalid security token
canonical:john.doe:test:domain:appUrl:1:default:1337008734
at
org.apache.shindig.auth.BlobCrypterSecurityTokenCodec.createToken(BlobCrypt
erSecurityTokenCodec.java:140)
Failed tests:
fetchPerson(org.apache.shindig.server.endtoend.EndToEndTest): test
method fetchTwoProperties did not finish
fetchPeople(org.apache.shindig.server.endtoend.EndToEndTest): test
method fetchPluralUsers did not finish
at
org.apache.shindig.auth.DefaultSecurityTokenCodec.createToken(DefaultSecuri
tyTokenCodec.java:69)
notFoundError(org.apache.shindig.server.endtoend.EndToEndTest): test
method notFoundError did not finish
at
org.apache.shindig.auth.UrlParameterAuthenticationHandler.getSecurityTokenF
romRequest(UrlParameterAuthenticationHandler.java:63)
The createToken() method in BlobCrypterSecurityTokenCodec is looking for
fields.length to be 2 but in this case we have fields.length as 8 since
the token is "canonical:john.doe:test:domain:appUrl:1:default:1337011522"
Maybe I am doing something wrong. Is there any configuration that I am
missing?
Regards
Venkat
On 5/14/12 10:20 AM, "Stanton Sievers" <[email protected]> wrote:
>Hi Venkat,
>
>Can you clarify exactly what requests you want the security token to be
>sent on? Today it should be sent on any osapi.* request, any makeRequest
>(since [1]), and any request using OAuth. The only requests it shouldn't
>flow on would be those to the content proxy, for urls obtained through
>gadgets.io.getProxyUrl().
>
>On a side note, one can set
>"gadgets.uri.iframe.alwaysAppendSecurityToken"
>to true in the container.js to ensure that a security token is always
>available to the gadget on the ifr url.
>
>[1] https://issues.apache.org/jira/browse/SHINDIG-1768
>
>Best regards,
>-Stanton
>
>
>
>From: "Mahadevan, Venkat" <[email protected]>
>To: "[email protected]" <[email protected]>,
>Date: 05/14/2012 09:56
>Subject: Send Security Token with each request by default
>
>
>
>Hi
>
>Is there a way in Shindig trunk to enable sending security tokens with
>every request?
>
>
>
>Thanks
>Venkat
>
>
>
