Hey Vin, Yep, every authentication connection is handled via HTTPS, and then after that the token will be passed along via HTTPS if you're using the latest version of the Java client lib.
Thanks, -Vic On Fri, Mar 18, 2011 at 8:35 AM, Vin <[email protected]> wrote: > I am programmatically accessing private spreadsheet data from a Java > servlet using the GoogleService extension of > com.google.gdata.client.Service. EG I call > service.setUserCredentials(username, password) with appropriate data and > then get the Spreadsheet feed form the service via: > service.getFeed(factory.getSpreadsheetsFeedUrl(),SpreadsheetFeed.class); > > I've done some cursory googling and FAQ searching, and I can't seem to find > the answer to this question: Is the authentication handled in a secure > fashion? IE, at the very least, is the PWD/UID sent encrypted? I was about > to start seeing if I could run down the source code, but I figured this > would be a better first start. Sorry if this question is considered noobish > :-) > > I did *really* enjoy coding up the sheet reader using the data API. > Excellent work to whoever is responsible. A real joy to use. >
