Hi
On 20/02/13 19:16, Sergey Beryozkin wrote:
I wonder if
"GET /users?username={username}&pwd={password}"
is safe enough, as these URIs might get cached somewhere given it is GET
(though not sure if the caching of URIs can happen with HTTPS).
Might make sense considering treating this as an ac
[mailto:cohei...@apache.org]
> > Sent: Mittwoch, 20. Februar 2013 17:06
> > To: Jan Bernhardt
> > Cc: dev@syncope.apache.org
> > Subject: Re: API query
> >
> > A second thought is that a API to return the User matching the given
> > username + password would b
---
> From: Colm O hEigeartaigh [mailto:cohei...@apache.org]
> Sent: Mittwoch, 20. Februar 2013 17:06
> To: Jan Bernhardt
> Cc: dev@syncope.apache.org
> Subject: Re: API query
>
> A second thought is that a API to return the User matching the given
> username + password would be
I wonder if
"GET /users?username={username}&pwd={password}"
is safe enough, as these URIs might get cached somewhere given it is GET
(though not sure if the caching of URIs can happen with HTTPS).
Might make sense considering treating this as an action request, with
the credentials being POS
A second thought is that a API to return the User matching the given
username + password would be quite nice, unless there is another way of
doing this that I am missing. WDYT?
Colm.
On Wed, Feb 20, 2013 at 4:04 PM, Colm O hEigeartaigh wrote:
>
> Thanks Jan, I have updated it. The "old" API meth
Thanks Jan, I have updated it. The "old" API method returns "null" if the
User does not exist, whereas the new API does not seem to return anything.
Would it not be better in both cases to return "false" explicitly? Or are
there backwards compatilbity concerns about changing this?
Colm.
On Wed, F
Hi Colm,
The description is wrong, this method returns a boolean.
Best regards.
Jan
> -Original Message-
> From: Colm O hEigeartaigh [mailto:cohei...@apache.org]
> Sent: Mittwoch, 20. Februar 2013 16:48
> To: dev@syncope.apache.org
> Subject: API query
>
> Hi all,
>
> From the wiki:
>
