All posts tagged 'authentication'

Web Service Authentication APIs

Jan 23 2010

For a project I’m working on, I’ve been looking at a lot of web service authentication/verification APIs lately. I thought folks might be interested in the results. Here are the methods available for a variety of web services/applications online, with links to their appropriate docs:

Read the rest of this post…

No More HTTP Authentication

Mar 15 2004

Well, it’s official. webpad 3.0 will now use integrated, session-based authentication for users, rather than HTTP Authentication. I’ve changed to this in large part to allow me to use it in CGI mode (which, incidentally, works wonderfully), so webpad is even more portable now. In fact, if you have PHP running in CGI mode, I will be reccommending that you run webpad under that mode.

With the new integrated authentication, when you hit webpad you are presented with a log in screen, where you enter a username/password as normal, then continue to the actual application.

I’m also currently looking at templating (thanks to a previous hack that Brad Choate made to webpad 2.0 which allowed it to selectively edit the contents of a file, only within certain regions (denoted by webpad tags of some sort). I will have this functionality included in the official release of webpad 3.0 Personal Edition, and it will definitely be a part of the Professional release.

Things may have been quiet, but they’re not completely dead!

API Problem Fixed

Feb 12 2004

Thanks to a suggestion from Bill, I found the problem that AvantBlog has been having when attempting to authenticate with the Blogger.com servers… basically they moved their servers!.

As Robert discovered in this post, the server that responds to API requests moved from plant.blogger.com to www.blogger.com, so basically I was posting authentication requests to a server that didn’t exist. This has been rectified now and it appears to be operating properly.

Enjoy your blogging folks

AvantBlog Authentication Work-around

Aug 27 2003

I’ve posted details of an authentication problem work-around for AvantBlog. Basically the problem arises because AvantGo appears to expire sessions after about 24 hours whether you want them to or not (correct me if I’m wrong here anyone…)

To get around this, you can easily configure your AvantBlog channel to pass your username and password along with each request for the channel, as per these instructions;

Go to https://my.avantgo.com/home/ and log in using your *AvantGo* details
Click the “My Device” tab on the left
Click your “AvantBlog” channel to modify its settings
In the “Location” box, add the following onto the end of the address “?username=USER&password=PASS” (no quotes), where USER is replaced with your Blogger.com username, and PASS is replaced with your Blogger.com password.
Save the details (“Save Channel”) and exit AvantGo’s website
Synch your handheld again – you should find that you are now automatically logged into AvantBlog, and this should continue each time you synch, whether you post or not!

I’ll also post my warning that went with the mailing list email I sent out here;

Obviously, this method means that your channel is defined using your actual Blogger.com username and password, in plain text. These details are passed ‘over-the-wire’ in plain txt, so this is not particularly secure. The chances of someone exploiting this are minimal, however if your blog contains any sensitive information or is of a secure nature of any sort, I do not recommend that you configure AvantBlog using this method.

Enjoy!