Robson, I was trying this. You wrote // if the request is signed, you'll able to check if the user is the owner of app.
What if in my app i can use the same igoogle id (lets assume MyiGoogleId) to login for different user of J2eeWebApplication. For eg for from the gadget of MyiGoogleId i login using two different users EmployeeId-A EmployeeId-B There has to be a way by which the J2eeWebApplication gets to know which user to share the data for. For the very first time atleast. Then myiGoogleId can be mapped with J2eeWebApplication-Ids Any thoughts ?? ~Vinay On Nov 11, 9:32 pm, Vinay <[EMAIL PROTECTED]> wrote: > Thanks Robson for the solution > I am working on it and will surely post the results. > > ...Vinay > > On Nov 8, 11:28 pm, "Robson Dantas" <[EMAIL PROTECTED]> wrote: > > > Hi Vinay, let's move to a real example: > > > Assuming I'm using json.jar API in my project > > (http://smi-protege.stanford.edu/svn/owl/trunk/lib/json.jar?rev=4085&v... > > ) > > > That's a real basic example, ok ? > > > 1- Read again how to validate signed requests. In our wiki there's an > > example that works on orkut container. It's how you can validate user > > without doing login; > > 2- Build your servlet or whatever; > > 3- Include json.jar in your server path (tomcat, jboss, weblogic, etc, etc) > > 4- Copy and paste this simple thing: > > > JSONObject obj = new JSONObject(); > > > obj.put("firstName", "robson"); > > obj.put("lastName", "silva"); > > obj.put("location", "brazil"); > > String jsonStr = obj.toString(); // return the json as string > > > JSON is just a way that data is returned. In this case will be something > > like {'firstname':'robson','lastname':'silva','location':'brazil'}. > > > 4- After that, you have to use javascript and container's makerequest API to > > call you servlet and then receive data. Assuming that your URL > > ishttp://www.myserver.com/myServletthecode could be something like: > > > function doMyRequest() > > { > > > // here you can send postdata and check parameters in doGet and doPost in > > your servlet > > var postdata = {action: "displayData"}; > > postdata = gadgets.io.encodeValues(postdata); > > > var params = {}; > > > // here shows you that the request is signed > > // if the request is signed, you'll able to check if the user is the owner > > of app. See example how to validate a signed request > > //http://wiki.opensocial.org/index.php?title=Validating_Signed_Requests > > params[gadgets.io.RequestParameters.AUTHORIZATION] = > > gadgets.io.AuthorizationType.SIGNED; > > params[gadgets.io.RequestParameters.METHOD] = gadgets.io.MethodType.POST; > > params[gadgets.io.RequestParameters.POST_DATA]= postdata; > > > gadgets.io.makeRequest('http://www.myserver.com/myServlet', onCallback, > > params);} > > > function onCallback(ret) > > { > > var myData = gadgets.json.parse(gadgets.util.unescapeString(ret.data)); > > > if(myData!=null) > > { > > // just an alert to show data information... > > alert(myData['firstName']); > > alert(myData['lastName']); > > } > > > } > > > Call doMyRequest on init function to see. > > > That's it. Hope that helps. > > > If you still have questions, let me know. > > > Cheers, > > > --Robson > > > 2008/11/7 Vinay <[EMAIL PROTECTED]> > > > > Thanks for your response Robson. Appreciate it. > > > > Please bear with my in-experience with Opensocial and widget > > > development. I tried to search, as u suggested, for json and java in > > > google group and google but was not able to get my hands on anything > > > concrete. > > > > In search there are articles where people talk about "opensocial > > > container" (opensource shindig) and i am thinking that I dont need to > > > implement it to make my sample application work. > > > > Can you give me some pointers on server side java app + widget > > > communication. > > > > many thanks > > > > On Nov 7, 9:43 pm, "Robson Dantas" <[EMAIL PROTECTED]> wrote: > > > > Hi Vinay, > > > > > Yes, it's possible since you can transfer data between the container and > > > > your webserver using the request API. > > > > > Search something about using JSON and JAVA together, you'll see that > > > > it's > > > > really simple. > > > > > Also, take a look on our wiki page, about signed requests. There's a > > > > java > > > > example there: > > > > >http://wiki.opensocial.org/index.php?title=Validating_Signed_Requests > > > > > - Is possible. Add some apps in your profile, and you'll see that. :D > > > > > - About session, you can use signed request to validate the owner, you > > > dont > > > > need to validate the session. The container will tell you if it's a > > > > valid > > > > request. > > > > > Let me know if you have any doubt. > > > > > --Robson > > > > > 2008/11/6, Vinay <[EMAIL PROTECTED]>: > > > > > > Hello, > > > > > > I have been trying to figure out how to develop a gadget in which i > > > > > can pull the data from an existing j2ee web application. Starting from > > > > > using the gadget to login (login screen being the first screen on the > > > > > gadget where user enters his username and password ) and accessing > > > > > different links. > > > > > > Ques : Is something like this really possible ? I think it is > > > > > possible/ > > > > > > if yes What is the correct procedure to start this ?? Of course i need > > > > > to start the j2ee web application first on a live IP aadress. What > > > > > should be the next step ? What is the possible way of maintaining a > > > > > user session ?? I was thinking i can map the unique user id (of the > > > > > social site lets say igoogle) with the user id in my web application > > > > > with the time-stamp and then use the social_user_id as token for all > > > > > the other request. Of course i would need to do much more than that > > > > > for security. > > > > > > Any suggestions about the steps i should take ? > > > > > > Many Thanks > > > > > Vinay --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OpenSocial Application Development" group. To post to this group, send email to opensocial-api@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/opensocial-api?hl=en -~----------~----~----~----~------~----~------~--~---
