?

Log in

No account? Create an account
Authentication Style Question (And Request) - LiveJournal Client Discussions — LiveJournal [entries|archive|friends|userinfo]
LiveJournal Client Discussions

[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

Authentication Style Question (And Request) [Jul. 25th, 2004|11:00 pm]
LiveJournal Client Discussions

lj_clients

[johnwordsworth]
[mood |productiveproductive]
[music |U2 - Alex Decends into Hell for a Bottle of Milk]

Hi, I am working on a Java Package to offer all the functionality of a Live Journal Client in a nice and easy way. Anyhow, I have been looking at the protocol documentation and was basically just wondering on opinions of other developers and what they would consider good and bad style. If this sort of post is 'wrong' here, please inform me - I'm kinda new to LJ, especially Communities, and don't know the etiquette yet.

Authentication - Am I correct in believing that, unless you use the 'cookie' method of auth, then you are expected to send the auth details with each LJ request? Unfortunately, the Apache Xml-Rpc library for Java doesn't support cookies, and I don't feel like hacking the code unless I have to - so that means 2 requests per 'LJ Request' as it were (challenge/response) - is this considered OK?

Are there any plans to add the option to send session cookie with the RPC call instead of as a POST header? Since you can send any other authentication method with the call, it seems a shame that you cannot send the session cookie in the same manner. And of course, it means that xml-rpc wrappers that hide the POST request from you cannot use the cookie method. Is there another LJ that I should request this update in, or can I go through a CVS and put forth a suggested update myself? I guess it shouldn't be that hard - I would imagine all these vars are handled around the same place.

Many thanks, and apologies again if ant of this is 'bad etiquette'. Consider it also a kind of introduction too!

John Wordsworth
Working hard on WingedMonkey - A LJ Client Java Package
linkReply

Comments:
[User Picture]From: fbartho
2004-07-27 08:11 am (UTC)
A random thought of mine, barely related to this... Is it normal for the lj.net client to allow me to edit this post? because I selected lj_clients as the journal i was looking at in journal manager, I can see posts... but the thing is that they aren't written by me... I am tempted to add something identifying the fact that I can change it, just to see if the change will succeed, but this is just straight odd... I would have assumed that it would only give me access to edit my posts or am I missing something in either how much access I have here or in how lj.net works...

Let me know what I should do here...

Also I posted an entry, but it may have been eaten, in any case, the gist of the matter was that I incorporated a preliminary base version of the xml-rpc protocol for php into my website, as soon as it is a little more well formed, I intend to add user-friendly controls for it, but I realized that what I had didn't check permissions, and I was wondering if there was an existing php package that would allow/show me how to access/set the livejournal cookie so that people would be logged in to the livejournal website as well and their username for that would be matched to the allowed usernames for a post...

Thanks.
(Reply) (Thread)
[User Picture]From: decadence1
2004-09-15 02:50 pm (UTC)
A random thought of mine, barely related to this... Is it normal for the lj.net client to allow me to edit this post? ... the thing is [it isn't] written by me... I am tempted to add something identifying the fact that I can change it, just to see if the change will succeed

It won't. :)

Let me know what I should do here...

Nothing. :) Most clients let you see recent entries in a community, but trying to edit those that aren't your own won't get you anywhere (at point of submit). IIRC Semagic changed so that it checked ownership at point of clicking edit rather than awaiting POST to avoid scaring its users. :> It's no biggie whether the client allows you to select a post for editing if it isn't your own - you won't be able to actually edit it.
(Reply) (Parent) (Thread)
[User Picture]From: fbartho
2004-09-15 03:17 pm (UTC)
Hey, that's cool, I figured that that would probably be like that... :) Thanks for the reply ...
(Reply) (Parent) (Thread)