dhis2-devs team mailing list archive

[Saptarshi Purkayastha <sunbiz@xxxxxxxxx>]

Hi Yuriy,

Thanks for asking this question. Since the coding period is about to start,
it will be useful for all GSoC students to create their launchpad branches
for the summer coding here - https://code.launchpad.net/dhis2

We expect that you create your branches here and be the owners of the
branches. The mentors for your project as well as other community members
will be able to follow your progress. We also suggest that you maintain a
blog and make a weekly post highlighting the progress that you are making
with your projects.

---
Regards,
Saptarshi PURKAYASTHA

My Tech Blog:  http://sunnytalkstech.blogspot.com
You Live by CHOICE, Not by CHANCE


On 17 June 2013 14:29, Yuriy Ivanovich <yuriybugryn@xxxxxxxxx> wrote:

> Hello Saptarshi,
>
> Yes , it is because I developing on localhost and the server which I using
> is http://apps.dhis2.org/demo.
>
>
> Thanks for your answer ,
>
> I will use solution number 2 :   start Chrome with flags: chrome.exe
> --disable-web-security -–allow-file-access-from-files
>
> Because I run DHIS server on my local server pc and developing web app on
> my laptop.
>
>
> And I have another question :
>
> Where I should create repository for my project ?
>
> Many thanks,
> Yuriy Bugryn
>
>
>
> 2013/6/17 Saptarshi Purkayastha <sunbiz@xxxxxxxxx>
>
>> Hi Yuriy,
>>
>> Why do you get a cross-domain issue??
>> Is it because you are developing on localhost and the server you are
>> using is http://apps.dhis2.org/demo <http://apps.dhis2.org/dev>?
>> All DHIS2 URLs support Basic Authentication... so all you have to do is
>> pass the authorization headers.
>> Thus, I dont think we need a separate URL for authentication. Also tokens
>> for getting this done during the summer is not feasible IMO.
>>
>> To deal with cross-domain calls, I suggest you to do either one of the
>> two things.
>> 1. Put all your CSS, HTML, JS inside a folder in expanded tomcat dhis and
>> run tomcat. You'll be hosted in the same tomcat as DHIS2 and hence not have
>> cross-domain issues
>> 2. If you wish to work with the your mobile app from localhost and make
>> calls to dhis2 demo, you can start Chrome with flags:
>> chrome.exe --disable-web-security -–allow-file-access-from-files (or
>> similar in Linux)
>>
>> Also, since this will be mobile app, the mobile browser WebView or what
>> have you for the different platforms, allow cross-domain calls. So that
>> will not be a deployment problem.
>>
>> ---
>> Regards,
>> Saptarshi PURKAYASTHA
>>
>> My Tech Blog:  http://sunnytalkstech.blogspot.com
>> You Live by CHOICE, Not by CHANCE
>>
>>
>> On 17 June 2013 02:45, Yuriy Ivanovich <yuriybugryn@xxxxxxxxx> wrote:
>>
>>> Hello guys,
>>>
>>> I already started working on my task with Mobile Visualizer .
>>>
>>> The first point in my plan is : Implement authentication functionality.
>>>
>>> So, I started working on first point and get some problems.
>>>
>>> It is very inconveniently using standart way of authentication  . I get
>>> problems with Cross-domain and other.
>>>
>>> So, I suggest implements some new security for accessing for API.
>>>
>>> It will be look like :
>>>
>>> Client makes a request to .../authenticate (unprotected URL) with
>>> credentials; server returns a secure token which contains enough
>>> information for the server to validate future requests.
>>>
>>> Client makes subsequent requests to various (protected) URLs, appending
>>> the previously obtained token as a query parameter.
>>>
>>> Since we use Spring already, the solution will make use of Spring
>>> Security.
>>>
>>> So , I think this solution will be very useful for my future application
>>> and for future external applications which use DHIS API.
>>>
>>> If you agree with me I can start investigating how to implement this
>>> functionality.
>>>
>>> Best Regards,
>>> Yuriy Bugryn
>>>
>>> --
>>> *Yuriy Bugryn* | *Junior Software Developer*
>>>
>>> skype : tojayura
>>>
>>
>>
>
>
> --
> *Yuriy Bugryn* | *Junior Software Developer*
>
> skype : tojayura
>