I am using Alamofire for service call. Everything is working fine from my side. But on server side, backend people are saying that I am creating multiple session. I don't understand why it is happening.
Can anyone please help me out?
Thanks in advance.
There could be a variety of causes for this issue. Perhaps you're logging in a user for every network call instead of reusing a token, or perhaps you need to attach a cookie to the requests. You need to work with your backend team to see what is required to use a single session.
Related
I just added SSL to my backend framework (Django REST API) and I want my iOS application to talk to it. Do I have to do anything differently on the iOS side of my project? How do I tell Alamofire to encrypt the data its sending? Or Does it happen automatically?
The only difference is using https instead of http. I have the same setup at work, and originally thought I was going to have to delve into certificates. I started heading in that direction and then realized all my requests worked as soon as I stuck the "s" on the end.
I will say, while using NSStream, you do have to setup the stream to handle the certificate. I am doing this in another application, but that is below the URLRequest class. I am unsure of how low level Alomofire actually delves, but it will definitely handle everything you desire without doing anything differently.
Just update URLs inside your app to use "https" and you are done.
I have an APP written in Ruby. The authentication is made through Facebook-Graph_API.
I am using an SSL certificate which is validated through Globe SSL.
The connection is encrypted and almost everything is working fine. BUT!
The connection is insecure caused by mixed content. The pictures which the app is loading are coming through http. But I need this from an https source.
I found here:
Graph API for Facebook developers
that I have to use something like this:
return_ssl_resource => true
But I donĀ“t know at which Position I have to paste this!
Does anybody have an example or experience with this? I you need further Information please let me know.
Thx for your help!
When you're requesting the data from Facebook that contains the images you're going to display, append return_ssl_resource=true as a query parameter to the request you make.
https://graph.facebook.com/<UID>/picture?return_ssl_resources=true
We've developed a web application which is hosted on premises available for people in the shop floor via Wifi. However, the wifi signal is not reliable and it's not possible to use wired network or improve the signal.
I am looking for a solution to handle this issue. Is there a way to put the http requests into a local queue and process it asynchronously at the background? If so, how to do it? Or is there any other alternative approach?
Any thoughts are greatly appreciated.
I have the same problem in the company where I work, there are certain places where the WiFi can not reach, and the system needs to get information from the DB in order to show that info to the user and then upload some new info.
Part of this system is done with iPads, so to solve the problem I use LocalStorage to store a JSON object that contains the info the user need to work, I store the info that is going to be uploaded in another JSON object, and when there is a connection available the info is Uploaded.
Hope it helps
I would recommend to build the web app with angularjs or another javascript framework of your choice. Once the user has loaded the site you can perform asynchronous ajax/http requests to load the required data and the web app will never reload the entire page.
In case one http request fails you can implement that the web app should try one more time or whatever :)
I know that there are a ton of threads about this. But I'm still confused.
I've got an app that making request to my server(nodeJS) to get JSON-data.
For the moment everyone can get everything at: http://myserver/allUpdates/ with no password. They just have to know the URL.
So I thought I would do it little more secure.
I been looking at Basic Auth, that seems to work by sending username and password in the header for every request.
Is that enough?
Some guys say that it doesn't do much if youre not using SSL. But it must be better than nothing, right?
I've never used SSL and it seems there is a lot to learn.
So my question is, should I bother with auth when I'm not using SSL?
Or are there other alternatives?
Some guys say that it doesn't do much if youre not using SSL. But it must be better than nothing, right?
Unfortunately, those guys are right. Basic Auth is, when sent plaintext, probably worse than nothing as it gives you the vague feeling of some security without any actual security.
This is because it is trivial to intercept network requests through a proxy or similar. If you're not used SSL then every parameter you're sending is easily and readily visible, including your basic authentication credentials.
In answer to your question "should I bother with auth when I'm not using SSL?" - that depends. If you want to ensure your data is only accessed by authenticated users, then it's really SSL or nothing. But if all you're trying to do is reduce the burden on your servers (i.e, rate limiting), then maybe not. I'm going to assume you're looking to do the former, in which case I'd recommend taking the time to get to grips with SSL. There are lots of resources out there about using Node with SSL, depending upon what additional frameworks you might be using (Express, etc).
SSL encrypts your requests, which means that anyone that sniffs your network traffic can't read the payload of the request.
You have two ways to auth the client to the server:
send credentials or an API key with every request OR
login in the client once with credentials or API key and reuse it's session
In both ways, you should use SSL and send the credentials with your POST data.
I noticed that in a standard grails environment, a request is always executed to the end, even when the client connection is lost and the result can't be delivered anymore.
Is there a way to configure the environment in such a way that execution of a request is canceled as soon as the client connection is lost?
Update: Thanx fo the answers. Yes - most of the problems I am trying to avoid can be avoided by better coding:
caching can make nearly every page fast
a token can help to avoid submitting something twice
but there are some requests which still could consume some time. Let's take a map service as example. Calculating a route will take some time. One solution to avoid resubmitting the request could be a "calculationInProgress" flag together with a message to the user. But then it is still possible to create a lot of sessions and thus a lot of requests in order to do a DOS attack...
I am still curious: is there no way to configure the server to cancel the request? I used to develop on a system where the server behaved this way and it was great :-)
Probably there is no such way. And I'm sure grails (and your webcontainer) is designed to
accept incoming request
process it on server side
send response
if something happened during phase 2, i'll know about it only on send response phase. Actually you can send data to HttpSerlvetRespone by yourself, handle IOException, etc - but it will be too much low-level way, I think. And it will not help you with canceling your DB operations, while you're preparing data to send.
Btw, it's common pattern to use an web frontend, like nginx, that accepts incomming request and and handle all this problems with cancelled requests, slow requests (i guess it's the real problem?), etc.
According to your comment it is reload and multiple clicks that you are trying to avoid. The proper technique should be to use Grails support for handling multiple form submissions:
http://grails.org/doc/2.0.x/guide/theWebLayer.html#formtokens