Hi Vinay, It sounds like using the OAuth proxy would be a good way to go about this- if your j2ee app supported OAuth, you could write an app like the one described here: http://code.google.com/apis/gadgets/docs/oauth.html to make use of the proxy.
Currently, the proxy is only supported on iGoogle, but it should be available on other OpenSocial containers in the future. ~Arne On Nov 16, 4:33 pm, Vinay <[EMAIL PROTECTED]> wrote: > But that will tie one user of social site (with opensocial_owner_id) > to one user in my > system (j2ee web app). > What I want is that one open social user with one opensocial_owner_id > can use > different J2ee web app's username and password (to log on to j2ee web > app)from his page. > > So for the first time I want to send the username and password (like > any other data field but secured) to the j2ee app and then perhaps > keep a mapping between opensocial_owner_id and j2eeWebAppId for that > specific session. Wanted to be sure that I am thinking in the right > direction or am i missing something here. > > ...vinay > > On Nov 17, 1:17 am, Arne Roomann-Kurrik <[EMAIL PROTECTED]> wrote: > > > Hi Vinay, > > > Signed requests may include the parameters opensocial_viewer_id and > > opensocial_owner_id which will identify which user is currently using > > your app. > > > ~Arne > > > On Nov 14, 4:26 am, Vinay <[EMAIL PROTECTED]> wrote: > > > > Robson, > > > > I was trying this. > > > You wrote // if the request is signed, you'll able to check if the > > > user is the owner > > > of app. > > > > What if in my app i can use the same igoogle id (lets assume > > > MyiGoogleId) to login for different user of J2eeWebApplication. For eg > > > for from the gadget of MyiGoogleId i login using two different users > > > > EmployeeId-A > > > EmployeeId-B > > > > There has to be a way by which the J2eeWebApplication gets to know > > > which user to share the data for. For the very first time atleast. > > > Then myiGoogleId can be mapped with J2eeWebApplication-Ids > > > > Any thoughts ?? > > > > ~Vinay > > > > On Nov 11, 9:32 pm, Vinay <[EMAIL PROTECTED]> wrote: > > > > > Thanks Robson for the solution > > > > I am working on it and will surely post the results. > > > > > ...Vinay > > > > > On Nov 8, 11:28 pm, "Robson Dantas" <[EMAIL PROTECTED]> wrote: > > > > > > Hi Vinay, let's move to a real example: > > > > > > Assuming I'm using json.jar API in my project > > > > > (http://smi-protege.stanford.edu/svn/owl/trunk/lib/json.jar?rev=4085&v... > > > > > ) > > > > > > That's a real basic example, ok ? > > > > > > 1- Read again how to validate signed requests. In our wiki there's an > > > > > example that works on orkut container. It's how you can validate user > > > > > without doing login; > > > > > 2- Build your servlet or whatever; > > > > > 3- Include json.jar in your server path (tomcat, jboss, weblogic, > > > > > etc, etc) > > > > > 4- Copy and paste this simple thing: > > > > > > JSONObject obj = new JSONObject(); > > > > > > obj.put("firstName", "robson"); > > > > > obj.put("lastName", "silva"); > > > > > obj.put("location", "brazil"); > > > > > String jsonStr = obj.toString(); // return the json as string > > > > > > JSON is just a way that data is returned. In this case will be > > > > > something > > > > > like {'firstname':'robson','lastname':'silva','location':'brazil'}. > > > > > > 4- After that, you have to use javascript and container's makerequest > > > > > API to > > > > > call you servlet and then receive data. Assuming that your URL > > > > > ishttp://www.myserver.com/myServletthecodecouldbesomething like: > > > > > > function doMyRequest() > > > > > { > > > > > > // here you can send postdata and check parameters in doGet and > > > > > doPost in > > > > > your servlet > > > > > var postdata = {action: "displayData"}; > > > > > postdata = gadgets.io.encodeValues(postdata); > > > > > > var params = {}; > > > > > > // here shows you that the request is signed > > > > > // if the request is signed, you'll able to check if the user is the > > > > > owner > > > > > of app. See example how to validate a signed request > > > > > //http://wiki.opensocial.org/index.php?title=Validating_Signed_Requests > > > > > params[gadgets.io.RequestParameters.AUTHORIZATION] = > > > > > gadgets.io.AuthorizationType.SIGNED; > > > > > params[gadgets.io.RequestParameters.METHOD] = > > > > > gadgets.io.MethodType.POST; > > > > > params[gadgets.io.RequestParameters.POST_DATA]= postdata; > > > > > > gadgets.io.makeRequest('http://www.myserver.com/myServlet', > > > > > onCallback, > > > > > params);} > > > > > > function onCallback(ret) > > > > > { > > > > > var myData = > > > > > gadgets.json.parse(gadgets.util.unescapeString(ret.data)); > > > > > > if(myData!=null) > > > > > { > > > > > // just an alert to show data information... > > > > > alert(myData['firstName']); > > > > > alert(myData['lastName']); > > > > > } > > > > > > } > > > > > > Call doMyRequest on init function to see. > > > > > > That's it. Hope that helps. > > > > > > If you still have questions, let me know. > > > > > > Cheers, > > > > > > --Robson > > > > > > 2008/11/7 Vinay <[EMAIL PROTECTED]> > > > > > > > Thanks for your response Robson. Appreciate it. > > > > > > > Please bear with my in-experience with Opensocial and widget > > > > > > development. I tried to search, as u suggested, for json and java in > > > > > > google group and google but was not able to get my hands on anything > > > > > > concrete. > > > > > > > In search there are articles where people talk about "opensocial > > > > > > container" (opensource shindig) and i am thinking that I dont need > > > > > > to > > > > > > implement it to make my sample application work. > > > > > > > Can you give me some pointers on server side java app + widget > > > > > > communication. > > > > > > > many thanks > > > > > > > On Nov 7, 9:43 pm, "Robson Dantas" <[EMAIL PROTECTED]> wrote: > > > > > > > Hi Vinay, > > > > > > > > Yes, it's possible since you can transfer data between the > > > > > > > container and > > > > > > > your webserver using the request API. > > > > > > > > Search something about using JSON and JAVA together, you'll see > > > > > > > that it's > > > > > > > really simple. > > > > > > > > Also, take a look on our wiki page, about signed requests. > > > > > > > There's a java > > > > > > > example there: > > > > > > > >http://wiki.opensocial.org/index.php?title=Validating_Signed_Requests > > > > > > > > - Is possible. Add some apps in your profile, and you'll see > > > > > > > that. :D > > > > > > > > - About session, you can use signed request to validate the > > > > > > > owner, you > > > > > > dont > > > > > > > need to validate the session. The container will tell you if it's > > > > > > > a valid > > > > > > > request. > > > > > > > > Let me know if you have any doubt. > > > > > > > > --Robson > > > > > > > > 2008/11/6, Vinay <[EMAIL PROTECTED]>: > > > > > > > > > Hello, > > > > > > > > > I have been trying to figure out how to develop a gadget in > > > > > > > > which i > > > > > > > > can pull the data from an existing j2ee web application. > > > > > > > > Starting from > > > > > > > > using the gadget to login (login screen being the first screen > > > > > > > > on the > > > > > > > > gadget where user enters his username and password ) and > > > > > > > > accessing > > > > > > > > different links. > > > > > > > > > Ques : Is something like this really possible ? I think it is > > > > > > > > possible/ > > > > > > > > > if yes What is the correct procedure to start this ?? Of course > > > > > > > > i need > > > > > > > > to start the j2ee web application first on a live IP aadress. > > > > > > > > What > > > > > > > > should be the next step ? What is the possible way of > > > > > > > > maintaining a > > > > > > > > user session ?? I was thinking i can map the unique user id > > > > > > > > (of the > > > > > > > > social site lets say igoogle) with the user id in my web > > > > > > > > application > > > > > > > > with the time-stamp and then use the social_user_id as token > > > > > > > > for all > > > > > > > > the other request. Of course i would need to do much more than > > > > > > > > that > > > > > > > > for security. > > > > > > > > > Any suggestions about the steps i should take ? > > > > > > > > > Many Thanks > > > > > > > > Vinay --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OpenSocial Application Development" group. To post to this group, send email to opensocial-api@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/opensocial-api?hl=en -~----------~----~----~----~------~----~------~--~---
