Mobile Visualizer

Hi Yuriy,

Why do you get a cross-domain issue??
Is it because you are developing on localhost and the server you are using is http://apps.dhis2.org/demo?

All DHIS2 URLs support Basic Authentication… so all you have to do is pass the authorization headers.

Thus, I dont think we need a separate URL for authentication. Also tokens for getting this done during the summer is not feasible IMO.

To deal with cross-domain calls, I suggest you to do either one of the two things.

  1. Put all your CSS, HTML, JS inside a folder in expanded tomcat dhis and run tomcat. You’ll be hosted in the same tomcat as DHIS2 and hence not have cross-domain issues
  2. If you wish to work with the your mobile app from localhost and make calls to dhis2 demo, you can start Chrome with flags:

chrome.exe --disable-web-security -–allow-file-access-from-files (or similar in Linux)

Also, since this will be mobile app, the mobile browser WebView or what have you for the different platforms, allow cross-domain calls. So that will not be a deployment problem.

···

Regards,
Saptarshi PURKAYASTHA

My Tech Blog: http://sunnytalkstech.blogspot.com
You Live by CHOICE, Not by CHANCE

On 17 June 2013 02:45, Yuriy Ivanovich yuriybugryn@gmail.com wrote:

Hello guys,

I already started working on my task with Mobile Visualizer .

The first point in my plan is : Implement authentication functionality.

So, I started working on first point and get some problems.

It is very inconveniently using standart way of authentication . I get problems with Cross-domain and other.

So, I suggest implements some new security for accessing for API.

It will be look like :

Client makes a request to …/authenticate (unprotected URL) with credentials; server returns a secure token which contains enough information for the server to validate future requests.

Client makes subsequent requests to various (protected) URLs, appending the previously obtained token as a query parameter.

Since we use Spring already, the solution will make use of Spring Security.

So , I think this solution will be very useful for my future application and for future external applications which use DHIS API.

If you agree with me I can start investigating how to implement this functionality.

Best Regards,

Yuriy Bugryn

Yuriy Bugryn | Junior Software Developer

skype : tojayura

Hi Yuriy,

Thanks for asking this question. Since the coding period is about to start, it will be useful for all GSoC students to create their launchpad branches for the summer coding here - https://code.launchpad.net/dhis2

We expect that you create your branches here and be the owners of the branches. The mentors for your project as well as other community members will be able to follow your progress. We also suggest that you maintain a blog and make a weekly post highlighting the progress that you are making with your projects.

···

2013/6/17 Saptarshi Purkayastha sunbiz@gmail.com

Hi Yuriy,

Why do you get a cross-domain issue??
Is it because you are developing on localhost and the server you are using is http://apps.dhis2.org/demo?

All DHIS2 URLs support Basic Authentication… so all you have to do is pass the authorization headers.

Thus, I dont think we need a separate URL for authentication. Also tokens for getting this done during the summer is not feasible IMO.

To deal with cross-domain calls, I suggest you to do either one of the two things.

  1. Put all your CSS, HTML, JS inside a folder in expanded tomcat dhis and run tomcat. You’ll be hosted in the same tomcat as DHIS2 and hence not have cross-domain issues
  2. If you wish to work with the your mobile app from localhost and make calls to dhis2 demo, you can start Chrome with flags:

chrome.exe --disable-web-security -–allow-file-access-from-files (or similar in Linux)

Also, since this will be mobile app, the mobile browser WebView or what have you for the different platforms, allow cross-domain calls. So that will not be a deployment problem.


Regards,
Saptarshi PURKAYASTHA

My Tech Blog: http://sunnytalkstech.blogspot.com
You Live by CHOICE, Not by CHANCE

On 17 June 2013 02:45, Yuriy Ivanovich yuriybugryn@gmail.com wrote:

Hello guys,

I already started working on my task with Mobile Visualizer .

The first point in my plan is : Implement authentication functionality.

So, I started working on first point and get some problems.

It is very inconveniently using standart way of authentication . I get problems with Cross-domain and other.

So, I suggest implements some new security for accessing for API.

It will be look like :

Client makes a request to …/authenticate (unprotected URL) with credentials; server returns a secure token which contains enough information for the server to validate future requests.

Client makes subsequent requests to various (protected) URLs, appending the previously obtained token as a query parameter.

Since we use Spring already, the solution will make use of Spring Security.

So , I think this solution will be very useful for my future application and for future external applications which use DHIS API.

If you agree with me I can start investigating how to implement this functionality.

Best Regards,

Yuriy Bugryn

Yuriy Bugryn | Junior Software Developer

skype : tojayura


Yuriy Bugryn | Junior Software Developer

skype : tojayura

Thanks see error message. We need the Mobile component to work well;

Launchpad.net

Timeout error

Sorry, something just went wrong in Launchpad.

We’ve recorded what happened, and we’ll fix it as soon as possible. Apologies for the inconvenience.

Trying again in a couple of minutes might work.

(Error ID: OOPS-b7ccc5d005f05fd935d7b4a26aeb64d6)

LaunchpadTake the tourRead the guide

© 2004-2013 Canonical Ltd.Terms of useContact Launchpad SupportBlogCareersSystem status • r16673 (Get the code!)

PEPELA WANJALA

MINISTRY OF HEALTH HEADQUARTERS

HEALTH INFORMATION SYSTEM

AFYA HOUSE, HIS LG 37

P.O BOX 30016, NAIROBI, KENYA

TEL: +254 (020) 2717077 EXT 45097

CELL: +254 (0) 722375633 or 0202033363

EMAIL: wanjala2p@yahoo.com

** hmis@health.go.ke**

* *"HealthInformation Management - Making a World of Difference”

···

From: Saptarshi Purkayastha sunbiz@gmail.com
To: Yuriy Ivanovich yuriybugryn@gmail.com
Cc: dhis2-devs@lists.launchpad.net
Sent: Monday, June 17, 2013 4:15 PM
Subject: Re: [Dhis2-devs] Mobile Visualizer

Hi Yuriy,

Thanks for asking this question. Since the coding period is about to start, it will be useful for all GSoC students to create their launchpad branches for the summer coding here - https://code.launchpad.net/dhis2

We expect that you create your branches here and be the owners of the branches. The mentors for your project as well as other community members will be able to follow your progress. We also suggest that you maintain a blog and make a weekly post highlighting the progress that you are making with your projects.


Regards,
Saptarshi PURKAYASTHA

My Tech Blog: http://sunnytalkstech.blogspot.com
You Live by CHOICE, Not by CHANCE

On 17 June 2013 14:29, Yuriy Ivanovich yuriybugryn@gmail.com wrote:

Hello Saptarshi,

Yes , it is because I developing on localhost and the server which I using is http://apps.dhis2.org/demo.

Thanks for your answer ,

I will use solution number 2 : start Chrome with flags: chrome.exe --disable-web-security -–allow-file-access-from-files

Because I run DHIS server on my local server pc and developing web app on my laptop.

And I have another question :

Where I should create repository for my project ?

Many thanks,

Yuriy Bugryn

2013/6/17 Saptarshi Purkayastha sunbiz@gmail.com

Hi Yuriy,

Why do you get a cross-domain issue??
Is it because you are developing on localhost and the server you are using is http://apps.dhis2.org/demo?

All DHIS2 URLs support Basic Authentication… so all you have to do is pass the authorization headers.

Thus, I dont think we need a separate URL for authentication. Also tokens for getting this done during the summer is not feasible IMO.

To deal with cross-domain calls, I suggest you to do either one of the two things.

  1. Put all your CSS, HTML, JS inside a folder in expanded tomcat dhis and run tomcat. You’ll be hosted in the same tomcat as DHIS2 and hence not have cross-domain issues
  2. If you wish to work with the your mobile app from localhost and make calls to dhis2 demo, you can start Chrome with flags:

chrome.exe --disable-web-security -–allow-file-access-from-files (or similar in Linux)

Also, since this will be mobile app, the mobile browser WebView or what have you for the different platforms, allow cross-domain calls. So that will not be a deployment problem.


Regards,
Saptarshi PURKAYASTHA

My Tech Blog: http://sunnytalkstech.blogspot.com
You Live by CHOICE, Not by CHANCE

On 17 June 2013 02:45, Yuriy Ivanovich yuriybugryn@gmail.com wrote:

Hello guys,

I already started working on my task with Mobile Visualizer .

The first point in my plan is : Implement authentication functionality.

So, I started working on first point and get some problems.

It is very inconveniently using standart way of authentication . I get problems with Cross-domain and other.

So, I suggest implements some new security for accessing for API.

It will be look like :

Client makes a request to …/authenticate (unprotected URL) with credentials; server returns a secure token which contains enough information for the server to validate future requests.

Client makes subsequent requests to various (protected) URLs, appending the previously obtained token as a query parameter.

Since we use Spring already, the solution will make use of Spring Security.

So , I think this solution will be very useful for my future application and for future external applications which use DHIS API.

If you agree with me I can start investigating how to implement this functionality.

Best Regards,

Yuriy Bugryn

Yuriy Bugryn | Junior Software Developer

skype : tojayura


Yuriy Bugryn | Junior Software Developer

skype : tojayura


Mailing list: https://launchpad.net/~dhis2-devs
Post to : dhis2-devs@lists.launchpad.net
Unsubscribe : https://launchpad.net/~dhis2-devs
More help : https://help.launchpad.net/ListHelp

Thanks Yuriy…
Looking forward to see your work over the summer.

···

2013/6/17 Saptarshi Purkayastha sunbiz@gmail.com

Hi Yuriy,

Thanks for asking this question. Since the coding period is about to start, it will be useful for all GSoC students to create their launchpad branches for the summer coding here - https://code.launchpad.net/dhis2

We expect that you create your branches here and be the owners of the branches. The mentors for your project as well as other community members will be able to follow your progress. We also suggest that you maintain a blog and make a weekly post highlighting the progress that you are making with your projects.


Regards,
Saptarshi PURKAYASTHA

My Tech Blog: http://sunnytalkstech.blogspot.com
You Live by CHOICE, Not by CHANCE

On 17 June 2013 14:29, Yuriy Ivanovich yuriybugryn@gmail.com wrote:

Hello Saptarshi,

Yes , it is because I developing on localhost and the server which I using is http://apps.dhis2.org/demo.

Thanks for your answer ,

I will use solution number 2 : start Chrome with flags: chrome.exe --disable-web-security -–allow-file-access-from-files

Because I run DHIS server on my local server pc and developing web app on my laptop.

And I have another question :

Where I should create repository for my project ?

Many thanks,

Yuriy Bugryn


Yuriy Bugryn | Junior Software Developer

skype : tojayura

2013/6/17 Saptarshi Purkayastha sunbiz@gmail.com

Hi Yuriy,

Why do you get a cross-domain issue??
Is it because you are developing on localhost and the server you are using is http://apps.dhis2.org/demo?

All DHIS2 URLs support Basic Authentication… so all you have to do is pass the authorization headers.

Thus, I dont think we need a separate URL for authentication. Also tokens for getting this done during the summer is not feasible IMO.

To deal with cross-domain calls, I suggest you to do either one of the two things.

  1. Put all your CSS, HTML, JS inside a folder in expanded tomcat dhis and run tomcat. You’ll be hosted in the same tomcat as DHIS2 and hence not have cross-domain issues
  2. If you wish to work with the your mobile app from localhost and make calls to dhis2 demo, you can start Chrome with flags:

chrome.exe --disable-web-security -–allow-file-access-from-files (or similar in Linux)

Also, since this will be mobile app, the mobile browser WebView or what have you for the different platforms, allow cross-domain calls. So that will not be a deployment problem.


Regards,
Saptarshi PURKAYASTHA

My Tech Blog: http://sunnytalkstech.blogspot.com
You Live by CHOICE, Not by CHANCE

On 17 June 2013 02:45, Yuriy Ivanovich yuriybugryn@gmail.com wrote:

Hello guys,

I already started working on my task with Mobile Visualizer .

The first point in my plan is : Implement authentication functionality.

So, I started working on first point and get some problems.

It is very inconveniently using standart way of authentication . I get problems with Cross-domain and other.

So, I suggest implements some new security for accessing for API.

It will be look like :

Client makes a request to …/authenticate (unprotected URL) with credentials; server returns a secure token which contains enough information for the server to validate future requests.

Client makes subsequent requests to various (protected) URLs, appending the previously obtained token as a query parameter.

Since we use Spring already, the solution will make use of Spring Security.

So , I think this solution will be very useful for my future application and for future external applications which use DHIS API.

If you agree with me I can start investigating how to implement this functionality.

Best Regards,

Yuriy Bugryn

Yuriy Bugryn | Junior Software Developer

skype : tojayura


Yuriy Bugryn | Junior Software Developer

skype : tojayura