• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: accessing WO app without the need of a session....
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: accessing WO app without the need of a session....


  • Subject: Re: accessing WO app without the need of a session....
  • From: David LeBer <email@hidden>
  • Date: Mon, 5 Oct 2009 08:29:12 -0400


On 2009-10-05, at 7:27 AM, Gustavo Pizano wrote:



This assumes that you don't create sessions for non logged in users. - You need to be careful here as you can accidentally create a session when you fetch data.

uuu... I eventually need to fecth some data to show in that WOComponent, so I may be creating accidentally sessions?.. that doesn't sound good... isn't it?

so if a session is created I need to terminate it?

Don't plan on terminating the session. Plan on not creating one.

The two places where a session can get created are in the DA and in the page you return:

Direct Action
-----------------

You don't need a session to fetch data, you just need an editing context. You can create one in your DA (just remember to follow proper locking procedure).

If you do not ask for a session in your DA one will not be created.

Page
----------------

Do not use the 'action' binding for any WOHyperlinks or other clickable components on the page, create DAs and use the directActionName binding instead. If possible use generic html tags (<img/> etc) for everything else and you will be safe.


Authentication -------------------

For authentication, I am afraid you are on your own. You need to figure out a way to pass credentials from the J2EE app to the WO app (cookies maybe? form values in the request? I dunno depends on your setup). And then authenticate based on those in your DA.




G.


Rob.


On 5 Oct 2009, at 11:10, Gustavo Pizano wrote:

aha ok, I know now how to call the DA using  http://$HOSTNAME/cgi-bin/WebObjects/$APPNAME.woa/wa/$DIRECTACTIONNAME

link.. hehhe. now I have realize I a have a security HOLE! in my app with one direct action that access the administration tools, hehhe.. how to secure it? I read it must be secured if I don't want to allow random access...

so in my iFrame I can set up the link to be the one that points to my DA and, I should not put any action comoponet in the WOCompoment that it returns the DA, otherwise I will have problems, as far as I understood.


Thx

Gus

On Mon, Oct 5, 2009 at 10:58 AM, email@hidden <email@hidden > wrote:
Hi Gustavo,


You can use a Direct Action if you don't have a session.

Rob.


On 5 Oct 2009, at 09:04, Gustavo Pizano wrote:

Hello, this is what I need to achieve.

I have an J2ee app running on apache, and I have a WOApp running on a G5.
Now, I want to show in the j2ee app in an iframe a WOComponent that will show a list of items from the database based on a selected User, user is an Enterprise Object.


I read somwhwere, but I cant recall where, that I can acces the WO without the neeed of a session ID, or even authenticating, as I said I can't find where I read about it.

Questions, will this approach, will allow me to do fetch to the DB even without a SessionID?, (silly question, I know but as you know im still new to some things).
Will this approach be better than doing WebServices with WO?....


What will be your suggestions.? thinking that I need to select a user and filter the query. ?, should the user selection pop up be inside the WOComponent, or should it be sent somehow to the WOComponent from the j2ee?

confused here. :S//...

any help as alwasy will be very very appreciate it.

Im in the mood today to make things work... :P :P :D

thx

G.

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden



 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden

;david

--
David LeBer
Codeferous Software
'co-def-er-ous' adj. Literally 'code-bearing'
site: 	http://codeferous.com
blog: 	http://davidleber.net
profile:	http://www.linkedin.com/in/davidleber
twitter:	http://twitter.com/rebeld
--
Toronto Area Cocoa / WebObjects developers group:
http://tacow.org




_______________________________________________ Do not post admin requests to the list. They will be ignored. Webobjects-dev mailing list (email@hidden) Help/Unsubscribe/Update your Subscription: This email sent to email@hidden
  • Follow-Ups:
    • Re: accessing WO app without the need of a session....
      • From: "email@hidden" <email@hidden>
References: 
 >accessing WO app without the need of a session.... (From: Gustavo Pizano <email@hidden>)
 >Re: accessing WO app without the need of a session.... (From: "email@hidden" <email@hidden>)
 >Re: accessing WO app without the need of a session.... (From: Gustavo Pizano <email@hidden>)
 >Re: accessing WO app without the need of a session.... (From: "email@hidden" <email@hidden>)
 >Re: accessing WO app without the need of a session.... (From: Gustavo Pizano <email@hidden>)

  • Prev by Date: Re: ant build file size issue
  • Next by Date: Re: ant build file size issue
  • Previous by thread: Re: accessing WO app without the need of a session....
  • Next by thread: Re: accessing WO app without the need of a session....
  • Index(es):
    • Date
    • Thread