Sunday, 15 August 2010

heroku - Is it possible to allow certain URLs to bypass wwwhisper -


I'm looking to add addon to add authentication to creating a simple webpad. WebAP creates a small JSO file that will be consumed by the iOS app. I want to be able to see all the JSON files without authentication and need backend access to go through wwwhisper Is it possible? From what I've seen so far, you can only specify that some URLs may be authorized for all certified users.

wwwhisper allows specifying URLs that do not reproduce the authentication. You can set * as an access control rule ( *? rule also allows all, but authentication is required) .

The request for such URLs can still go to the wwwhisper backend for authorization check, but the backend always provides access to them.

This feature is only available in payment plans (This is because the application with open space for everyone, backend)

If you do not want to open the locations to go to the wwwhisper backend, you can theoretically obtain it with a custom rack middleware that will examine the path and either wwweesper middleware, Or directly on your app This type of mode is not supported outside of the box and in order to handle it correctly some careful coding will be required. The reason behind this is that hard-related article-codes should be handled preferably in one place. Running some authoritative checks from the athlete may be a source of security worms.

No comments:

Post a Comment