greptilian logo

IRC log for #rest, 2015-12-10

https://trygvis.io/rest-wiki/

| Channels | #rest index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary

All times shown according to UTC.

Time S Nick Message
00:35 shadowrunner joined #rest
00:39 fuzzy_horns joined #rest
00:48 fuzzyhor_ joined #rest
01:02 vanHoesel joined #rest
01:23 lemur joined #rest
01:55 rickharrison joined #rest
01:56 bluezone_ joined #rest
02:01 Guest81957 joined #rest
02:08 vanHoesel joined #rest
02:19 fuzzyhor_ joined #rest
02:49 fuzzy_horns joined #rest
04:10 vanHoesel joined #rest
04:44 fuzzyhor_ joined #rest
04:50 fuzzy_horns joined #rest
04:50 fumanchu joined #rest
05:11 vanHoesel joined #rest
05:46 fuzzyhor_ joined #rest
06:05 Coldblackice joined #rest
06:14 vanHoesel joined #rest
06:47 fuzzyhor_ joined #rest
06:48 vanHoesel joined #rest
06:51 fuzzy_horns joined #rest
07:31 vanHoesel joined #rest
07:45 Coldblackice joined #rest
07:48 fuzzyhor_ joined #rest
08:23 Coldblackice joined #rest
08:49 fuzzyhor_ joined #rest
08:51 fuzzy_horns joined #rest
09:10 graste joined #rest
09:22 Macaveli joined #rest
09:37 chthon joined #rest
09:49 fuzzyhor_ joined #rest
09:55 interop_madness joined #rest
10:26 baweaver joined #rest
10:50 fuzzyhor_ joined #rest
10:52 fuzzy_horns joined #rest
11:00 _ollie joined #rest
11:51 fuzzyhor_ joined #rest
12:28 baweaver joined #rest
12:52 fuzzyhor_ joined #rest
12:53 fuzzy_horns joined #rest
13:14 eschmidbauer joined #rest
13:14 eschmidbauer left #rest
13:41 vanHoesel joined #rest
13:52 fuzzyhor_ joined #rest
13:54 fuzzy_horns joined #rest
14:07 mezod joined #rest
14:22 DaSpirit joined #rest
14:23 DaSpirit So what do you guys do about sessions in terms of REST? I keep reading mixed discussion on them.
14:23 DaSpirit I really don't like the idea of apps storing authentication details in plain-text.
14:27 pith If you use session your are not doing REST
14:29 pith You can see here why: http://stackoverflow.com/a/20311981/1292605
14:29 DaSpirit Then how do my apps secure authentication?
14:29 pith http://restcookbook.com/Basics/loggingin/
14:41 fuzzy_horns joined #rest
14:54 sfisque DaSpirit authentication is a component of session management, but you don't need to maintain a session to provide authentication.  you would just require it with every request (no conversation).  as for storing credentials (sometimes you have to in order to do "relaying" or proxy calls, in which case, you should be holding them in an encrypted manner so they cannot be sniffed from memory (a la heartbleed, etc.) and the encryption key s
15:02 DaSpirit I'm very new to all things security and web.
15:02 DaSpirit sfisque, so I store the encryption key with the username + password?
15:05 fumanchu are you relaying requests to another service?
15:06 DaSpirit I wrote my own REST server.
15:23 sfisque fumanchu sort of.  we have many systems that cross consume other systems as part of workflows and "decision models" that occur during execution.  when i came on board they were holding the creds in memory in plaintext.  i created a vault that stores the creds encrypted and returns an opaque tag that is used to reobtain the creds.  the encryption key is generated at startup time so it is different over time to reduce the security footpr
15:34 vanHoesel joined #rest
15:52 fuzzyhor_ joined #rest
16:24 al-damiri joined #rest
16:24 al-damiri left #rest
16:30 baweaver joined #rest
16:34 baweaver joined #rest
16:53 fuzzyhor_ joined #rest
17:02 _ollie joined #rest
17:11 bluezone_ joined #rest
17:27 bluezone joined #rest
17:38 anth0ny joined #rest
17:54 fuzzyhor_ joined #rest
18:13 _ollie joined #rest
18:25 vanHoesel joined #rest
18:54 lemur joined #rest
18:54 fuzzyhor_ joined #rest
19:08 simonv3 joined #rest
19:33 vanHoesel joined #rest
19:36 _ollie joined #rest
19:55 fuzzyhor_ joined #rest
20:31 _ollie joined #rest
20:32 Coldblackice joined #rest
20:43 DrCode joined #rest
20:56 fuzzyhor_ joined #rest
21:00 adaro joined #rest
21:18 eschmidbauer joined #rest
21:19 eschmidbauer left #rest
21:28 wavded joined #rest
21:32 wavded joined #rest
21:34 _ollie joined #rest
21:37 blahdeblah left #rest
21:44 wavded joined #rest
21:57 fuzzyhor_ joined #rest
22:58 fuzzyhor_ joined #rest
23:48 vanHoese_ joined #rest
23:58 fuzzyhor_ joined #rest

| Channels | #rest index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary

https://trygvis.io/rest-wiki/