Re: accessing WO app without the need of a session....
Re: accessing WO app without the need of a session....
- Subject: Re: accessing WO app without the need of a session....
- From: Gustavo Pizano <email@hidden>
- Date: Mon, 5 Oct 2009 15:14:28 +0200
AHA thanks...
I knew I was missing something.
G.
On Mon, Oct 5, 2009 at 3:08 PM, David LeBer
<email@hidden> wrote:
On 2009-10-05, at 9:02 AM, Gustavo Pizano wrote:
Yes I was using:
ERXEC ec = new ERXEC();
mmm.. did I do it the wrong way using the ERXEC instead the EOEC?
EOEditingContext ec = ERXEC.newEditingContext();
G.
On Mon, Oct 5, 2009 at 2:53 PM, email@hidden <email@hidden> wrote:
If you do need to create an editing context to retrieve data the trick is to use
EOEditingContext ec = new EOEditingContext();
Which doesn't create a session as opposed to
EOEditingContext ec = session().defaultEditingContext();
Which does
Rob.
On 5 Oct 2009, at 13:29, David LeBer wrote:
On 2009-10-05, at 7:27 AM, Gustavo Pizano wrote:
This assumes that you don't create sessions for non logged in users. - You need to be careful here as you can accidentally create a session when you fetch data.
uuu... I eventually need to fecth some data to show in that WOComponent, so I may be creating accidentally sessions?.. that doesn't sound good... isn't it?
so if a session is created I need to terminate it?
Don't plan on terminating the session. Plan on not creating one.
The two places where a session can get created are in the DA and in the page you return:
Direct Action
-----------------
You don't need a session to fetch data, you just need an editing context. You can create one in your DA (just remember to follow proper locking procedure).
If you do not ask for a session in your DA one will not be created.
Page
----------------
Do not use the 'action' binding for any WOHyperlinks or other clickable components on the page, create DAs and use the directActionName binding instead. If possible use generic html tags (<img/> etc) for everything else and you will be safe.
Authentication
-------------------
For authentication, I am afraid you are on your own. You need to figure out a way to pass credentials from the J2EE app to the WO app (cookies maybe? form values in the request? I dunno depends on your setup). And then authenticate based on those in your DA.
G.
Rob.
On 5 Oct 2009, at 11:10, Gustavo Pizano wrote:
aha ok, I know now how to call the DA using http://$HOSTNAME/cgi-bin/WebObjects/$APPNAME.woa/wa/$DIRECTACTIONNAME
link.. hehhe. now I have realize I a have a security HOLE! in my app with one direct action that access the administration tools, hehhe.. how to secure it? I read it must be secured if I don't want to allow random access...
so in my iFrame I can set up the link to be the one that points to my DA and, I should not put any action comoponet in the WOCompoment that it returns the DA, otherwise I will have problems, as far as I understood.
Thx
Gus
On Mon, Oct 5, 2009 at 10:58 AM, email@hidden <email@hidden> wrote:
Hi Gustavo,
You can use a Direct Action if you don't have a session.
Rob.
On 5 Oct 2009, at 09:04, Gustavo Pizano wrote:
Hello, this is what I need to achieve.
I have an J2ee app running on apache, and I have a WOApp running on a G5.
Now, I want to show in the j2ee app in an iframe a WOComponent that will show a list of items from the database based on a selected User, user is an Enterprise Object.
I read somwhwere, but I cant recall where, that I can acces the WO without the neeed of a session ID, or even authenticating, as I said I can't find where I read about it.
Questions, will this approach, will allow me to do fetch to the DB even without a SessionID?, (silly question, I know but as you know im still new to some things).
Will this approach be better than doing WebServices with WO?....
What will be your suggestions.? thinking that I need to select a user and filter the query. ?, should the user selection pop up be inside the WOComponent, or should it be sent somehow to the WOComponent from the j2ee?
confused here. :S//...
any help as alwasy will be very very appreciate it.
Im in the mood today to make things work... :P :P :D
thx
G.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
;david
--
David LeBer
Codeferous Software
'co-def-er-ous' adj. Literally 'code-bearing'
site: http://codeferous.com
blog: http://davidleber.net
profile: http://www.linkedin.com/in/davidleber
twitter: http://twitter.com/rebeld
--
Toronto Area Cocoa / WebObjects developers group:
http://tacow.org
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
;david
--
David LeBer
Codeferous Software
'co-def-er-ous' adj. Literally 'code-bearing'
site:
http://codeferous.com
blog:
http://davidleber.net
profile:
http://www.linkedin.com/in/davidleber
twitter:
http://twitter.com/rebeld
--
Toronto Area Cocoa / WebObjects developers group:
http://tacow.org
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden