06-02-2009 04:35 PM
I'm new to BlackBerry development and I am supposed to write an application that will interact with a JSON API of a given webservice.
Ive imported the JSON.ME package and it works great. But for authorization I'm not sure which way to go.
How is cookie handling "normaly" done on a BlackBerry device? I know the MDS Service takes care of cookies by default. But what about the Internet Service? If you have a BlackBerry device, does it matter which of the internet/mds services you have to get cookies handled by the server? I kind of need the big picture, and i cant seem to figure it out!
So in short: Can I rely on cookies being handled by all the different kinds of blackberry service solutions out there, or do I have to implement cookie handling myself for the application, in order to support devices that are not connected to a MDS service?
Thanks in advance,
06-04-2009 03:59 PM
06-04-2009 04:51 PM
Thanks for the reply!
I think I mixed up cookie with JSESSION. My API uses JSESSIONIDs sent by set-cookie header flag after logins to find out about the auth status of a user. And while testing the MDS-CS Simulator kept filtering out those replies and handled the session. If we are going to use the MDS-CS (BES) in our environment, will this work the same way? Or is it advised to set the simulator to not handle cookies and implement all that in the application?
03-10-2011 08:49 AM
This is unclear what MDS has to do with raw http querries ...
Last question is there some API to delete a cookie or can it workarounded by setting cookie to empty string ?
03-10-2011 10:36 AM
Didn't I already answer this question for you? Maybe I just don't understand what you are trying to accomplish.
BES and BIS mange the state for you - you don't have to manage it.
If you run MDS on the simulator, this emulates a BES connection, so you will not see the cookies.
If you do some type of direct connection, then you manage the state by collecting the Set-Cookie data (set by the host once you authenticate), and returning it in the Cookie header.
This is well-covered ground on the forum, I believe. It is also documented in the HTTP State Management specification, which you can find with Google.