I have an app that makes request to a wcf service. Usually I authenticate all of the requests using a hash value that is sent in the body of the request and then authenticated on the server. All most all of the request are sent via json and it is easy for me to add the hash value to the body of the request. The issue I am facing is that when I send a file stream I cannot add the hash to the body of the request so I am wondering how I can authenticate that the request came from my app and not from some where else. All suggestions are greatly appreciated.
Adding an authorization item in the header is a possible solution. So, if anyone is interested, read this and this.
Related
I want to do a POST HTTP request to the serving to receive some cookies from the server. During this POST request I also need to send some data like login and password. I found a lot of solutions but nothing is working, everything that I found is deprecated.
So the question is: how can I make a HTTP POST request to receive form the server some cookies after?
I want my android app to periodically send location information to my django server.
Based on my research, android client should write the location in JSON, payload JSON in http post, and send http post request to django server periodically. and the http post request is created by the client directly, not from a post form by django. Is it a normal way?
If posting data without form is a general way, then to stop csrf verification, according to the answer of Android sending post requests to django server csrf failing, the android client should
"getting the token from the server and sending that along with the POST data "
(suppose I do not use solution of #csrf_exempt)
My question is where to get the csrftoken cookie?
I do see csrftoken cookie if I send a GET request to a post form, but if posting data directly (without asking for the post form), where does a client get the csrftoken cookie?
You could use an API like tastypie or rest-framework. The only way to get the token is by accessing the page that gives it.
I'm trying to make an application that needs authentication :- when user type username and pw in the text boxes it should check with the DB in the server and authenticate.
how can i do this in the android?
can please any one help me??
thank you,
If you are a web developer you can do this authentication very easily. You can follow the following steps,
First, get the username and password from the user and put in the variables.
Create the HTTP connection to the web server (Your data posting URL).
Post the data to the URL with specified data using HTTP Get or Post method(Post is preferable for authentication)
Get the posted value using server side script and do the authentication.
send the response status to the client by using JSON encoding or some other format whether the authentication is succeeded of failure.
Get the response in android and create the InputStream and decode the JSON or some specified encoding format which you done in the server side and shown the response in mobile.
Thats it.
I have an access token and i want to send the POST request and with the some feed in the body. The problem is i am able to get the GET request using the URLConnection but when i use the HttpPost I am not able to send the POST request.
I guess this problem has to do something with not being able to sign the POST request using HttpPost.
Can any one share the sample code for sending the POST request by signing it with the access token?
TIA
I am not really sure, but it sounds like you want to use some kind of OAuth (access tokens, etc.)?! Then http://code.google.com/p/oauth-signpost/ might be a little help for you.
this Android code worked fine before, but i'm having problems for some reason. here is the request i'm trying to make:
https://www.google.com/reader/api/0/token
i'm getting 400:Bad Request as a response, and i'm not sure why. isn't this the correct URL for requesting a token? the auth token is being passed as a header in all requests now, and i can request feed list, and it works just fine, so there's nothing wrong with the auth code. what gives?
in addition, i can request a token in a normal browser, like Chrome, and get a token as a response body. so the request itself is not the problem. i just can't figure out what is wrong with my requests in code...
the answer is to use http rather than https. if anyone else is having trouble getting tokens from the unofficial google reader api, check whether you are using secure http or not.