Best practices to authenticate requests coming from my AppEngine app


Ronoaldo José de Lana Pereira

Mar 19, 2012, 4:32:47 PM
to google-a...@googlegroups.com
We're integrating our AppEngine app with third-party services. They need to restrict access to the resources that we are using. They requested an IP address to open their firewall rules, which is not a good practice, since all AppEngine apps may share one or more IP addresses to perform URLFetch requests. How should we do this access control securely? Is there any secure way to be sure that the HTTP request is coming from my application and not from an untrusted source?

Any tips are welcome.

Best Regards,

-Ronoaldo

Brandon Wirtz

Mar 19, 2012, 4:37:39 PM
to google-a...@googlegroups.com

Get a DreamHost account. Call it, have it call your third party. That way only 1 IP.

--
You received this message because you are subscribed to the Google Groups "Google App Engine" group.
To view this discussion on the web visit https://groups.google.com/d/msg/google-appengine/-/nDzt2E5BuHkJ.
To post to this group, send email to google-a...@googlegroups.com.
To unsubscribe from this group, send email to google-appengi...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.

Ronoaldo José de Lana Pereira

Mar 20, 2012, 11:03:51 AM
to google-a...@googlegroups.com
Thanks for your reply, Brandon. We are doing this currently, but this adds some small network overhead. We are not using Dreamhost; we have a VPS here in our country, with an Apache mod_proxy server to route the requests to the destination. Good to know from experts that this is a good way to solve the problem. I'll check out Dreamhost plans anyway.

Best Regards,

-Ronoaldo



Jeff Dutton

Mar 23, 2012, 2:28:34 PM
to google-a...@googlegroups.com
Ronoaldo,

Assuming you are using HTTPS, what about using a shared secret either as a query parameter in the URLs or as a header in the HTTP request?  That is effectively what Google Cloud Storage uses to authenticate access to storage.

Good luck,
Jeff Dutton
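
Added example, not part of the original thread: a variant of the shared-secret header suggested above in which the secret keys an HMAC over the request instead of being sent itself. It goes beyond the post by signing a timestamp to limit replay; the header names, the secret value and the 300-second window are assumptions.

```python
import hashlib
import hmac
import time

# Constructed sample secret; load the real one from configuration, not source.
SHARED_SECRET = b"constructed-example-secret"
MAX_SKEW_SECONDS = 300  # assumed replay window


def sign_request(secret, method, path, body, timestamp):
    """HMAC-SHA256 over the request parts that must not change in transit."""
    body_hash = hashlib.sha256(body).hexdigest()
    message = "\n".join([method.upper(), path, str(timestamp), body_hash])
    return hmac.new(secret, message.encode("utf-8"), hashlib.sha256).hexdigest()


def build_headers(secret, method, path, body, now=None):
    """Sender side: headers attached to the outgoing call (names are hypothetical)."""
    ts = int(time.time() if now is None else now)
    return {
        "X-Auth-Timestamp": str(ts),
        "X-Auth-Signature": sign_request(secret, method, path, body, ts),
    }


def verify_request(secret, method, path, body, headers, now=None):
    """Receiver side: reject missing, stale or mismatched signatures."""
    now = time.time() if now is None else now
    try:
        ts = int(headers["X-Auth-Timestamp"])
        supplied = headers["X-Auth-Signature"]
    except (KeyError, ValueError):
        return False
    if abs(now - ts) > MAX_SKEW_SECONDS:
        return False  # too old or too far in the future
    expected = sign_request(secret, method, path, body, ts)
    # Constant-time comparison avoids leaking how much of the value matched.
    return hmac.compare_digest(expected.encode("utf-8"), supplied.encode("utf-8"))


if __name__ == "__main__":
    body = b'{"order": 42}'  # constructed sample payload
    hdrs = build_headers(SHARED_SECRET, "POST", "/api/orders", body)
    print(verify_request(SHARED_SECRET, "POST", "/api/orders", body, hdrs))
```

Both sides still need HTTPS, as the post assumes, since the signature protects integrity and origin but not confidentiality.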