You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@shindig.apache.org by "Brian Eaton (JIRA)" <ji...@apache.org> on 2008/02/04 04:05:08 UTC

[jira] Updated: (SHINDIG-35) Create a demo of a server side container

     [ https://issues.apache.org/jira/browse/SHINDIG-35?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Brian Eaton updated SHINDIG-35:
-------------------------------

    Attachment: oauth.patch

After looking at this for a bit I decided that OAuth might actually be easier than user preferences.  I'm uploading a patch that adds some rudimentary OAuth support to Shindig as well as the skeleton of a server-side container.

Elements in this patch (which probably needs to be broken into smaller chunks to make merging it in less of a big bang...)

ProxyHandler support for signing requests: this ends up conflicting slightly with Louis's recent patch for signed fetch, but not by much.

RemoteContentFetcher support for adding HTTP headers to requests.

Real crypto for gadget tokens: BlobCrypter encrypts and signs the data.

Tighter URL validation, so Shindig is less of an open proxy (but is still fairly dangerous in this respect...)

Some dependency injection that we might be able to show to people who want to know how to glue together their container and Shindig.

I'm interested in feedback on which parts of this are sane, which are crazy, and how it can best be broken up for inclusion into Shindig.



> Create a demo of a server side container
> ----------------------------------------
>
>                 Key: SHINDIG-35
>                 URL: https://issues.apache.org/jira/browse/SHINDIG-35
>             Project: Shindig
>          Issue Type: New Feature
>          Components: Gadgets Server - Java
>            Reporter: Brian Eaton
>            Assignee: John Hjelmstad
>         Attachments: oauth.patch
>
>
> I'd like Shindig to have a sample implementation of a server-side container.
> I definitely don't want to build any type of robust or scalable user registry to go along with this work.  I'd like to see scaffolding, not a lot of implementation.
> The ability to store user preferences on the server rather than the client would be a reasonable first milestone.  A next milestone would be support for OAuth in gadgets.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.