When I am trying the example at http://code.google.com/p/opensocial-resources/wiki/OrkutValidatingSignedRequests
I got error specified below: <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"/> <title>Error 400 INTERNAL_SERVER_ERROR java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException : IOException : DerInputStream.getLength(): lengthTag=127, too big.</title> </head> <body><h2>HTTP ERROR: 400</h2><pre>INTERNAL_SERVER_ERROR java.security.spec.InvalidKeySpecException: java.security.InvalidKeyException: IOException : DerInputStream.getLength(): lengthTag=127, too big .</pre> <p>RequestURI=/gadgets/proxy</p><p><i><small><a href="http://jetty.mortbay.org/";>Powered by Jetty:// </a></small></i></p><br/> <br/> <br/> <br/> <br/> <br/> <br/> <br/> <br/> <br/> <br/> <br/> <br/> <br/> <br/> <br/> <br/> <br/> <br/> <br/> </body> </html> On Thu, Jun 12, 2008 at 8:07 PM, Neo Anderson <[EMAIL PROTECTED]> wrote: > All my pages are of PHP and they need SESSION values for any transaction. > If I use oAuth, can I create a session there and use it? Or any other way? > > > > On Thu, Jun 12, 2008 at 4:17 PM, Chris Chabot <[EMAIL PROTECTED]> wrote: > >> Hey Neo, >> >> Welcome to the world of gadget development :-) There's a lot of resources >> and examples out there of how to write this, they might give you a bit of a >> better overview of how to develop gadgets in the open social kind of way. >> >> Normally speaking gadget writers don't have access to either the >> container, nor the shindig server, so their server is on a 3rd domain ... >> >> Now Sessions are especially bad since the same gadget can be on different >> persons pages, one for me == viewer == owner, but also on your friend's page >> (same gadget, same browser, same session cookie... however a different >> gadget with different info.. woops!) Next to that huge problem, the proxy >> server also cache's information (use the REFRESH_INTERVAL param for >> makeRequest to control for how long btw), and dynamic sessions + caching >> proxies = bad :) (and yes you really want to have caching, since it saves >> your behind when you just made a popular app on orkut, myspace and hi5 and >> your servers would crumble if you served all the page hits all by your >> self). So thats 2 very big reasons not to use sessions in this context. >> >> So what you would do is that if you need specific information, in the >> social setting this will be related to the Viewer ID, or the Owner ID, and >> those can be provided in a secure, verified fashion by making signed >> requests.. >> >> There's a how-to-do-this from the gadget point of view at: >> >> http://code.google.com/p/opensocial-resources/wiki/OrkutValidatingSignedRequests >> >> And for creating certificates on php shindig's side read: >> http://svn.apache.org/repos/asf/incubator/shindig/trunk/php/certs/README >> >> After you follow those steps, the public certificate for your shindig >> server is available at http://<your.shindig>/public.crt which you can >> then use in the client side to validate the requests, and verify the owner >> and viewer id ... and all your logic you kind of hang of of those id's >> >> >> On Jun 12, 2008, at 10:20 AM, Neo Anderson wrote: >> >> Chris, I got another problem here. >>> >>> Problem is my container is at port 80. Server is at port 8080. Here, I am >>> able to send Ajax requests from the XML file(gadget) to files at port >>> 80(container) without any problems. The files on port 80 are (PHP files) >>> using sessions and based on these sessions. But the problem is as the >>> makeRequest uses proxy, request to that server page goes from port 8080 >>> and >>> session is created for localhost:80, so session doesn't exist for >>> localhost:8080. How can I solve this problem? >>> >>> >>> On Wed, Jun 11, 2008 at 5:11 PM, Neo Anderson < >>> [EMAIL PROTECTED]> >>> wrote: >>> >>> Yes, Thank you. >>>> >>>> >>>> >>>> >>>> On Wed, Jun 11, 2008 at 2:25 PM, Chris Chabot <[EMAIL PROTECTED]> >>>> wrote: >>>> >>>> try: >>>>> >>>>> <?php >>>>> echo json_encode($_REQUEST); >>>>> >>>>> >>>>> i think that will fix a lot of your problems right there :P >>>>> >>>>> -- Chris >>>>> >>>>> >>>>> On Jun 11, 2008, at 8:59 AM, Neo Anderson wrote: >>>>> >>>>> <?php >>>>> >>>>>> json_encode($_REQUEST); >>>>>> ?> >>>>>> >>>>>> I am getting response as below: >>>>>> >>>>>> throw 1; < don't be evil' >>>>>> >>>>>> {"http://localhost/makeRequestTest.php":{"body":"\r\n","rc":200}} >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>> >>>> >> >
