Shane Here's another resource on GAE's full-text indexing and search capabilities you might find illuminating...
http://code.google.com/p/googleappengine/issues/detail?id=217 It sure would be nice if we saw full-text indexing on a road-map of sorts, but maybe there are some overriding technical/business issues Google is not at liberty to talk about. Regards. On Jun 2, 10:15 pm, Shane <shanelstev...@gmail.com> wrote: > Hi Nick, > > Ok, excellent. Will do :) > > Thanks again. > > Cheers, > Shane > > On Jun 3, 3:12 pm, "Nick Johnson (Google)" <nick.john...@google.com> > wrote: > > > On Tue, Jun 2, 2009 at 8:45 PM, Shane <shanelstev...@gmail.com> wrote: > > > > Hi Nick, > > > > Thanks for your responses, very helpful! > > > > I intend on programming in Java instead of Python, given it's > > > similarity to C++ for me, so can you recommend a Java session library > > > like Beaker? > > > Hi Shane, > > > I'm not a Java runtime expert - ask in the google-appengine-java group for > > that - but it's my understanding that GAE/Java has built in session support > > - > > see:http://code.google.com/appengine/docs/java/config/appconfig.html#Enab... > > > -Nick Johnson > > > > Cheers, > > > Shane > > > > On Jun 3, 3:42 am, "Nick Johnson (Google)" <nick.john...@google.com> > > > wrote: > > > > Hi Shane, > > > > > Good questions! Replies inline. > > > > > On Tue, Jun 2, 2009 at 7:32 AM, Shane <shanelstev...@gmail.com> wrote: > > > > > > Hello, > > > > > > Having watched what is possible with GWT and GAE during the Wave > > > > > keynote, I feel inspired to to finally delve into Web programming! > > > > > > I am an extremely experienced programmer, but my experience has been > > > > > 20+ years in C/C++ in the video game industry (C64->MAC/PC->PS3), so > > > > > please excuse me if I these questions are stupid/too basic; I feel > > > > > like a total n00b in this domain. I just want to get my head around a > > > > > few things, and hopefully get pointed in the right direction, before I > > > > > start. > > > > > > In short, I love the fact that there is no concept of a 'server' > > > > > running an instance of my app, or some database server. I love that > > > > > the physical architecture is completely abstracted away, allowing > > > > > applications to scale. However this leads me to my questions: > > > > > > 1. Given HTTP requests are stateless, how does my app in the cloud > > > > > keep track of data between requests? Do I store what I need into a > > > > > cloud state object? > > > > > This depends on the nature of the data. For per-user data, it's standard > > > to > > > > use cookie-based sessions, or if the user is logged in with the Users > > > API, > > > > you can store data keyed off their user ID. Since App Engine is > > > distributed > > > > across many computers, you need to store this in the datastore and/or > > > > memcache so it's accessible from all instances. > > > > > > 2. What is considered a session request? I.e. Does GAE see HTTP > > > > > requests from a certain IP address as a session? Or is some sort of > > > > > session ID stored on the client and transmitted with each HTTP Get? > > > > > HTTP - and App Engine - have no built in concept of sessions. It's up to > > > you > > > > to build session support on top of it, usually using cookies as outlined > > > > above. If you want a straightforward session implementation for Python, > > > > Beaker is one: http://beaker.groovie.org/ > > > > > > 3. How does GAE authenticate users? How does GAE ensure the requests > > > > > are coming from the real client, and not a man-in-the-middle? > > > > > If you want to use the Users API, users are authenticated by redirecting > > > > them to a page on Google's servers, where they sign in. This page is > > > served > > > > over HTTPS, to prevent man-in-the-middle attacks and to protect the > > > > confidentiality of their password. Once they're signed in, they're > > > > redirected back to a special URL on your app (which is not directly > > > > accessible to your code) with a URL containing an authentication token. > > > The > > > > special URL verifies the authentication token, issues a cookie for the > > > user, > > > > and finally redirects back to your handler. Subsequent requests check > > > > for > > > > the presence of the cookie and use it to verify the logged-in user. > > > > > > I guess my questions are all centering around the problem of, what is > > > > > a session, and how do I deal with it? > > > > > > Once I understand this, then I will know how to customise my > > > > > application to a user, keep track of data between page requests and > > > > > remember information about them and be on my way. > > > > > > Thanks in advance, > > > > > Shane > > > > > -Nick Johnson --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---