Thanks Nick, I hadn't set anything - now I know a bit more about app.yaml :) - I've got it on optional now, and its working fine - cheers
Colin On Jun 23, 11:13 am, "Nick Johnson (Google)" <[email protected]> wrote: > Hi hawkett, > > On Tue, Jun 23, 2009 at 10:11 AM, hawkett <[email protected]> wrote: > > > Hi, > > > I have a question about the security of the remote_api - looking > > through the source code, I noticed that ConfigureRemoteDatastore takes > > a 'secure' parameter, which is False by default. I assume this means > > that any data submitted via remote_api is done in plain text. What > > about the credentials that are obtained using the auth_func() shown in > > the example? > > Authentication is always performed over a secure channel, but the cookie > obtained with authentication is then transmitted in the clear if secure=True > is not specified. > > > > > Is the secure option supported? When I set secure=True (in code > > that works fine when it is set to False), I get > > > 'urllib2.HTTPError: HTTP Error 302: Found' > > > which I assume is a redirect to a login page. If it is supported, > > what is the process for it use? Thanks, > > Did you set "secure: always" or "secure:optional" for the remote_api handler > in app.yaml? > > -Nick Johnson > > > > > Colin > > -- > Nick Johnson, App Engine Developer Programs Engineer > Google Ireland Ltd. :: Registered in Dublin, Ireland, Registration Number: > 368047 --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---
