Re: [xwiki-devs] about login and logout using XWiki REST API

4 Jun 2011

You certainly need it with XWiki session.
In general, XWiki session is more secure because:
- the login part can be made over https if needed
- then, no password but only a session ID is exchange (typically bound to the IP)
I agree it makes no sense to login with Basic Auth.

paul

Le 4 juin 2011 à 18:27, Jun Han a écrit :

...
  Dear all,

 I am on the way of replacing the xmlrpc implementation of
       RemoteXWikiDataStorage implements IDataStorage {}.

 One question is about how to implement login and logout functionality 
 via REST API.
 From REST API document, users can be authenticated via something like:
 1. XWiki session
 2. HTTP Basic Auth.

 HTTP basic auth can be implemented via adding HTTP header to the HTTP 
 request, then XEclipse can display Xwiki Resources by parsing the response.

 Therefore, do we need to implement login and logout methods?

 Best regards
 Jun Han
 _______________________________________________
 devs mailing list
 devs(a)xwiki.org
 http://lists.xwiki.org/mailman/listinfo/devs 

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

Re: [xwiki-devs] about login and logout using XWiki REST API