incubator-photark-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Suhothayan Sriskandarajah <suhotha...@gmail.com>
Subject JSON RPC and PhotArk authorization
Date Tue, 29 Jun 2010 21:29:29 GMT
I'm now Implementing Authorization to PhotArk .
When doing so, I encountered a problem of identifying from where the
JSON RPC request came from.

In this case I have no other choice than sending the information of
the user, who is sending this requests with each JSON RPC call.

Here, at the time of page load, I retrieve a unique random token using
a http request and then sends that token with every  JSON RPC request.
So the back end can Identify who is the user calling this service and
provide the appropriate response according to his permissions.

In this case If we are sending the token as a parameter of the JSON
RPC call, then a new GallerySecuruty interface should be written -
which contains some methods with the gallery interface have, but with
an additional token parameter. This GallerySecuruty interface will be
then extended by gallery.

Please let me know if this is OK
Or if any one have any better way to implementing this.

Thanks in advance
Suho

Mime
View raw message