[appengine-java] Re: secure appengine urls with security constraints
To require https, you can do this: security-constraint web-resource-collection url-pattern/mobile/*/url-pattern /web-resource-collection user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint -- You received this message because you are subscribed to the Google Groups Google App Engine for Java group. To view this discussion on the web visit https://groups.google.com/d/msg/google-appengine-java/-/CE1hDzrCcUcJ. To post to this group, send email to google-appengine-java@googlegroups.com. To unsubscribe from this group, send email to google-appengine-java+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine-java?hl=en.
[appengine-java] Re: secure appengine urls with security constraints
Thanks. I already had https enabled. That was straightforward from GAE docs. What I was trying to do is to prevent anyone from hitting my appengine urls other than customers who use our mobile app on phones. I could use some public/private key on handset and server and control who can access the urls. I also successfully tried ClientLogin interface to use appengine's OAuth API and send a valid token as part of every request. -- You received this message because you are subscribed to the Google Groups Google App Engine for Java group. To view this discussion on the web visit https://groups.google.com/d/msg/google-appengine-java/-/A4QB6LWRXKUJ. To post to this group, send email to google-appengine-java@googlegroups.com. To unsubscribe from this group, send email to google-appengine-java+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine-java?hl=en.
Re: [appengine-java] Re: secure appengine urls with security constraints
I don't think there is a way unless you setup your own vpn. Also internet supposed to be shared and public ;) On Aug 15, 2011 3:16 PM, objectuser kevin.k.le...@gmail.com wrote: To require https, you can do this: security-constraint web-resource-collection url-pattern/mobile/*/url-pattern /web-resource-collection user-data-constraint transport-guaranteeCONFIDENTIAL/transport-guarantee /user-data-constraint /security-constraint -- You received this message because you are subscribed to the Google Groups Google App Engine for Java group. To view this discussion on the web visit https://groups.google.com/d/msg/google-appengine-java/-/CE1hDzrCcUcJ. To post to this group, send email to google-appengine-java@googlegroups.com. To unsubscribe from this group, send email to google-appengine-java+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine-java?hl=en. -- You received this message because you are subscribed to the Google Groups Google App Engine for Java group. To post to this group, send email to google-appengine-java@googlegroups.com. To unsubscribe from this group, send email to google-appengine-java+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine-java?hl=en.
[appengine-java] Re: secure appengine urls with security constraints
Anyone has ideas on this topic? I don't want my application on appengine to be publicly available to anyone who knows the url. My client app running on mobile handsets ONLY should be able to hit my app on appengine servers. -- You received this message because you are subscribed to the Google Groups Google App Engine for Java group. To view this discussion on the web visit https://groups.google.com/d/msg/google-appengine-java/-/MWUJofGeYZoJ. To post to this group, send email to google-appengine-java@googlegroups.com. To unsubscribe from this group, send email to google-appengine-java+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine-java?hl=en.