This question is locked. New answers and comments are not allowed.
Context
all of our users login to our website using DotNetOpenAuth (twitter, google, facebook)When building the mobile app - i want to make some of the tabs personalized to their profile data. (send and receive data)
For these tabs I need to popup the login window retrieved from server side.
From a desktop perspective I can open up multiple tabs to a website and auth cookie and session cookie are sent across - ensuring my login context is known.
From a mobile perspective how is the context perserved across multiple child browsers on different tabs? - i don't want to user to login multiple times in the same mobile app.
I remember reading how linkedin created a message bridge to only use one childbrowser as bridge.
I cannot just make the whole app a child browser as i do need access to camera to auto upload.
Question
What are the known strategies to migrate functionality existing in web based apps without having to build separate rest api's upfront?How can i quickly integrate a mobile app written with icenium and kendoui mobile with functionality on server side where my controllers have [Authorize] filters attached to ensure the user has the correct roles/permission?
2 Answers, 1 is accepted
0
Ilian
Top achievements
Rank 1
Rank 1
answered on 28 Feb 2013, 11:14 AM
Hello Leblanc,
I'm afraid that we need some time to investigate your problem. I'll get back to you as soon as an answer is available.
Thank you for your patience and understanding.
Kind regards,
Ilian Iliev
the Telerik team
I'm afraid that we need some time to investigate your problem. I'll get back to you as soon as an answer is available.
Thank you for your patience and understanding.
Kind regards,
Ilian Iliev
the Telerik team
0
Ilian
Top achievements
Rank 1
Rank 1
answered on 28 Feb 2013, 05:18 PM
Hello,
I've built a server application using DotNetOpenAuth and used our childbrowser sample to navigate and login with a provider. In the callback implementation I created a FormsAuthentication cookie.
As far as I noticed the .ASPXAUTH cookie can still be used(it will be sent with requests) from your application after closing the childbrowser.
By default, in cross-site XMLHttpRequest invocations, browsers will not send credentials. A specific flag has to be set on the XMLHttpRequest object when it is invoked. If you are making ajax requests you might also need to use something like this:
window.plugins.childBrowser.onLocationChange = function (url) {
if (url.indexOf("AUTH URL") == 0)
{
window.plugins.childBrowser.close();
$.ajax({
url: 'API_URL',
type: "GET",
xhrFields: {
withCredentials: true
}
});
}
};
All the best,
Ilian Iliev
the Telerik team
I've built a server application using DotNetOpenAuth and used our childbrowser sample to navigate and login with a provider. In the callback implementation I created a FormsAuthentication cookie.
As far as I noticed the .ASPXAUTH cookie can still be used(it will be sent with requests) from your application after closing the childbrowser.
By default, in cross-site XMLHttpRequest invocations, browsers will not send credentials. A specific flag has to be set on the XMLHttpRequest object when it is invoked. If you are making ajax requests you might also need to use something like this:
window.plugins.childBrowser.onLocationChange = function (url) {
if (url.indexOf("AUTH URL") == 0)
{
window.plugins.childBrowser.close();
$.ajax({
url: 'API_URL',
type: "GET",
xhrFields: {
withCredentials: true
}
});
}
};
All the best,
Ilian Iliev
the Telerik team