M
Michael Jacobs
Guest
Hi Paul, Good question. While the client must always check and handle errors when the it accesses REST services, most of the time your REST access will be granted if you first authenticate to the web application. The mobile services do this 'authentication' check by accessing the web application's '/static/home.html' URL because has the same configured access control as the REST services and the client can check its return status without the need to fiddle with REST service parameters. If you don't want the html page '/static/auth/login.htlm' returned for a missing/invalid session - then try adding the 'accept' header with value "application/json" to the http request to '/static/home.html'. It triggers the Spring modules to return a JSON content and a non-success HTTP status if the session is not authenticated or has timed out. The response JSON looks something along the lines of: { "status_code": 401, "status_txt": "Not authenticated" } "the devil is in the detail" seems appropriate... Mike J.
Continue reading...
Continue reading...