Hello, How can I pass session id through my rails application to a rest client through HTTParty or RestClient? Thanks -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/ydS68f98KKoJ. For more options, visit https://groups.google.com/groups/opt_out.
On Fri, Sep 14, 2012 at 4:12 AM, Avi <aavinash.behera-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:> Hello, > > How can I pass session id through my rails application to a rest client > through HTTParty or RestClient?I would consider this a security problem, and a major one at that but whatever who am I judge your bad security. You need to serialize the object, I don''t know about the default session handler but I think it responds to load and dump and even if it doesn''t you can always use Marshal to Marshal the object but that means that the guy down the way needs some of your code possibly to unmarshal it. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit https://groups.google.com/groups/opt_out.
So, here is what I am trying to do :- login_response = RestClient.post ''Some URL'', :userName => ''username'', :password => ''password'' // Here I am logging in to the site. puts "login_response" // Here I am getting the response as an xml format which is a session_id So for accessing the content after login, I need session id to perform CRUD operations. search = RestClient.get ''URL after login to search a list'' // here need to pass the session id. Or any suggestions what need to do in this case ? On Friday, September 14, 2012 5:20:11 PM UTC+5:30, Jordon Bedwell wrote:> > On Fri, Sep 14, 2012 at 4:12 AM, Avi <aavinas...-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org <javascript:>> > wrote: > > Hello, > > > > How can I pass session id through my rails application to a rest client > > through HTTParty or RestClient? > > I would consider this a security problem, and a major one at that but > whatever who am I judge your bad security. You need to serialize the > object, I don''t know about the default session handler but I think it > responds to load and dump and even if it doesn''t you can always use > Marshal to Marshal the object but that means that the guy down the way > needs some of your code possibly to unmarshal it. >-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To view this discussion on the web visit https://groups.google.com/d/msg/rubyonrails-talk/-/1mNPYA_deAAJ. For more options, visit https://groups.google.com/groups/opt_out.
Avi wrote in post #1075999:> So, here is what I am trying to do :- > > login_response = RestClient.post ''Some URL'', :userName => ''username'', > :password => ''password'' // Here I am logging in to the site. > puts "login_response" // Here I am getting the response as an xml > format > which is a session_id > > So for accessing the content after login, I need session id to perform > CRUD > operations. > > search = RestClient.get ''URL after login to search a list'' // here > need > to pass the session id. Or any suggestions what need to do in this case > ?I''ve handled clients like these in one of a few of ways: 1. Use a client implementation that supports HTTP cookies just like a web browser does. Login the normal way and let the client manage passing the cookie back to the server (just like a browser). 2. Use a token based client authentication mechanism where the token is generated by the server with that token bound to the user account. Something like what Pivotal Tracker does with their API tokens. 3. Use something like OAuth, which provides a way for external clients to authenticate through the OAuth protocol (probably overkill for your needs). -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit https://groups.google.com/groups/opt_out.