Backend authentication with AsyncHttp

Hi,

I would like to connect an Authentication WebService using  AsyncHttp.

Does anyone have a simple example to do that?

Thanks.

Yuriy Volyanskyy
It would be great to have a

It would be great to have a full example of the Login/Authentication RhoMobile application without RhoConnect. It would help to see the recommended architecture of the project when AsyncHTTP is used for authentication call.

Vote: 
Vote up!
Vote down!

Points: 0

You voted ‘up’


Gerbrand Stap
There are examples on the

There are examples on the following pages:

Or do you need a more specific example?

Vote: 
Vote up!
Vote down!

Points: 1

You voted ‘up’


William Anton
Hi, Thank you for your answer

Hi,

Thank you for your answer.

In this example, do you know what means basic type? What other options do we have for type parameter (ssl_verify_peer??):

:authentication => {

    :type => :basic,

    :username => "john",

    :password => "secret"

  }

Thank you.

Vote: 
Vote up!
Vote down!

Points: 0

You voted ‘up’


Gerbrand Stap
It adds a http authentication

It adds a http authentication header to the request, in the example 'Authorization: Basic am9objpzZWNyZXQ='. Basic authentication is explained here.

I think the ssl_verify_peer is used to specify whether the server certificate is checked. Just like when you open a site with a temporary certificate and you must accept that it is not a trusted certificate. I'd assume that a certificate is always accepted when specifying ':ssl_verify_peer => false', but I haven't used it yet so I'm not sure.

Vote: 
Vote up!
Vote down!

Points: 1

You voted ‘up’


William Anton
Ok. Thank you for this

Ok. Thank you for this clarification.

So, I understand that the main disadvantage of this authentication type is that the username and password are passed in cleartext. Do you think this authentication type is secured enough with an SSL connection?

If not what other option do we have?

Vote: 
Vote up!
Vote down!

Points: 0

You voted ‘up’


Gerbrand Stap
'Secure enough' like a

'Secure enough' like a deadbolt or Fort Knox?

SSL encrypts the transported data, so all http requests over ssl (https) are encrypted including the clear-text authentication header. So a little more than base64 decoding is needed to get the username and password from the request.

Vote: 
Vote up!
Vote down!

Points: 0

You voted ‘up’


Log in to post comments