Henry,
Ya, even if I put the SocialApiGuiceModule before the PropertiesModule I
still see the constructor for AnonymousAuthenticationHandler getting
injected with the value of TRUE for allowUnauthenticated, even though I have
shindig.allowUnauthenticated=false
In my shindig.properties. Is this
Argh! Has anyone else worked around this issue? I'll see about providing a
patch.
doug
On 8/3/11 5:05 PM, "Henry Saputra" wrote:
> Ah yes, looks like issue SHINDIG-1454 =(
> I was trying it with REST call, sorry.
>
> However as issue SHINDIG-1455 mentioned, turning off Anonymous ST will
> mak
Ah yes, looks like issue SHINDIG-1454 =(
I was trying it with REST call, sorry.
However as issue SHINDIG-1455 mentioned, turning off Anonymous ST will
make osapi libs do not load properly.
- Henry
2011/8/3 daviesd :
> Hmmm... good observation. However, I switched them around, still no
> success.
Hmmm... good observation. However, I switched them around, still no
success... I wonder if this has to do with
https://issues.apache.org/jira/browse/SHINDIG-1454
and
https://issues.apache.org/jira/browse/SHINDIG-1455
doug
On 8/3/11 4:34 PM, "Henry Saputra" wrote:
> Its happening in the code.
Its happening in the code. See SocialApiGuiceModule class:
public class SocialApiGuiceModule extends AbstractModule {
/** {@inheritDoc} */
@Override
protected void configure() {
bind(ParameterFetcher.class).annotatedWith(Names.named("DataServiceServlet"))
.to(DataServiceServlet
I¹m trying to figure out how to prohibit rpc calls (gadgets.metadata, etc.)
from being made unless shindig.auth.updateSecurityToken has been called. If
I enable secure tokens and I set the token to something in clear text, it
denies the rpc requests as it should. Providing the encrypted token the
