Hello all, Thank you for the different perspectives on this issue.
@Dave Engberg Thanks for the JAbsorb link, that is something to consider. I am indeed influenced by the Evernote API on how it works, and it seems like an elegant system. @Ted I completely agree with you, it has been on my mind. *I've been toying with the idea of using OAuth parameters as a first parameter struct to every Thrift call* (Evernote API does this too, but it takes only the access token key). Would this handle some of the authentication issues? Transaction rate limiting, etc. would be separate issues to implement though. Brian has provided some good inputs on that. Thoughts? Regards, Swaroop Books and Blog - http://www.swaroopch.com Company - http://www.ionlab.in On Tue, Apr 28, 2009 at 12:54 AM, Ted Dunning <[email protected]> wrote: > Swaroop, > > Thrift is generally best for internal consumption. If you expose an API to > the wild world, you need more than just a JSON translator. You also need > anti-spoofing measures, transaction rate limits, authentication and input > verification. Raw thrift is really pretty raw and not so long ago, it was > pretty easy to get an Exception by just sending random bytes to a Thrift > server. > > That said, if *all* you care about is the JSON/Thrift translation, > jabsorb+thrift looks pretty sweet. > > On Mon, Apr 27, 2009 at 10:57 AM, Dave Engberg <[email protected]>wrote: > >> >> ... a JavaScript ORB bridge. >> >> >> >> Swaroop C H wrote: >> >>> ... how do people deal with the issue >>> of interaction between Ajax and Thrift-based APIs? >>> ... >>> If the Ajax cannot access the API directly, then a wrapper (that works >>> with Ajax) would have to be written for every single service call. >>> >>> >
