usergrid-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From timangl...@apache.org
Subject svn commit: r1542910 [8/36] - in /incubator/usergrid/site/publish: ./ bootstrap/ bootstrap/bootstrap/ community/ css/ css/bootflat-extensions/ css/bootflat-square/ css/bootflat/ css/font-awesome/ css/usergrid-site/ docs/ docs/access-token/ docs/activit...
Date Mon, 18 Nov 2013 06:09:27 GMT
Added: incubator/usergrid/site/publish/docs/authenticating-users-and-application-clients/index.html
URL: http://svn.apache.org/viewvc/incubator/usergrid/site/publish/docs/authenticating-users-and-application-clients/index.html?rev=1542910&view=auto
==============================================================================
--- incubator/usergrid/site/publish/docs/authenticating-users-and-application-clients/index.html (added)
+++ incubator/usergrid/site/publish/docs/authenticating-users-and-application-clients/index.html Mon Nov 18 06:09:23 2013
@@ -0,0 +1,408 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="utf-8">
+    <title>Apache Usergrid (incubating) — Authenticating users and application clients</title>
+    <meta http-equiv="x-ua-compatible" content="ie=edge" />
+    <meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1, maximum-scale=1" />
+    <meta name="keywords" content="Apache Usergrid, Usergrid, BaaS, Backend-as-a-Service">
+    <meta name="description" content="An open-source Backend-as-a-Service stack for web & mobile applications, based on RESTful APIs." />
+    <meta property="og:title" content="Apache Usergrid" />
+    <meta property="og:description" content="An open-source Backend-as-a-Service stack for web & mobile applications, based on RESTful APIs." />
+    <!-- Loading Typekit -->
+    <script type="text/javascript" src="//use.typekit.net/ddl7izx.js"></script>
+    <script type="text/javascript">try{Typekit.load();}catch(e){}</script>
+    <!-- Loading Bootstrap -->
+    <link href="/bootstrap/bootstrap.min.css" rel="stylesheet" type='text/css'>
+    <link href="/css/bootflat.css" rel="stylesheet" type='text/css'>
+    <link href="/css/usergrid-site.css" rel="stylesheet" type='text/css'>
+    <link href="http://fonts.googleapis.com/css?family=Open+Sans:200,400,500,300,600,800,700,400italic,600italic,700italic,800italic,300italic" rel="stylesheet" type="text/css">
+    <link href="/css/font-awesome.min.css" rel="stylesheet" type='text/css'>
+
+    
+
+    <!-- HTML5 shim, for IE6-8 support of HTML5 elements. All other JS at the end of file. -->
+    <!--[if lt IE 9]>
+      <script src="js/html5shiv.js"></script>
+      <script src="js/respond.min.js"></script>
+    <![endif]-->
+</head>
+<body>
+
+    <header class="navbar navbar-inverse navbar-fixed-top bf-docs-nav secondary" role="banner">
+    <div class="container">
+        <div class="navbar-header">
+            <button class="navbar-toggle" type="button" data-toggle="collapse" data-target=".bf-navbar-collapse">
+                <span class="sr-only">Toggle navigation</span>
+                <span class="icon-bar"></span>
+                <span class="icon-bar"></span>
+                <span class="icon-bar"></span>
+            </button>
+            <a href="/" class="navbar-brand">
+                <img id="home-logo" src="/img/apache_usergrid_logo_white_small.png" />
+            </a>
+        </div>
+        <nav class="collapse navbar-collapse bf-navbar-collapse" role="navigation">
+            <ul class="nav navbar-nav navbar-right">
+                <!--<li class="active"><a href="/docs/"><span class="icns icon-book"></span></a></li>-->
+                <li class=""><a href="/community/"><span class="icns icon-group"></span></a></li>
+                <li><a href="http://github.com/usergrid/usergrid" target="_blank"><span class="icns icon-github-sign"></span></a></li>
+                <!--<li><a href="https://trello.com/b/exQmJIOn/usergrid" target="_blank"><span class="icns icon-trello"></span></a></li>-->
+                <li><a href="https://issues.apache.org/jira/browse/USERGRID" target="_blank"><span class="icns icon-bug"></span></a></li>
+                <li><a href="http://stackoverflow.com/search?q=usergrid" target="_blank"><span class="icns icon-stackexchange"></span></a></li>
+                <li><a href="http://webchat.freenode.net/?channels=%23usergrid&uio=d4" target="_blank"><span class="icns icon-comments"></span></a></li>
+                <!--<li><a href="https://groups.google.com/forum/#!forum/usergrid" target="_blank"><span class="icns icon-envelope"></span></a></li>-->
+                <li><a href="https://twitter.com/usergrid" target="_blank"><span class="icns icon-twitter"></span></a></li>
+            </ul>
+        </nav>
+    </div>
+    </header>
+
+
+<div class="container bf-docs-container">    
+    <div class="row">
+        <div class="col-md-3">
+            <div class="bf-sidebar hidden-print" role="complementary">
+                <ul class="nav nav-list">
+                    <li><a href="#">Getting Up & Running Locally</a></li>
+                    <li><a href="#"><code>ugc</code> — the Command-line Client</a></li>
+
+                    <li class="nav-header"><span>Concepts</span></li>
+                    <li>
+                        <a href="/docs/organizations-admins/">Organizations & Admins</a>
+                        <ul>
+                            <li>
+                                <a href="/docs/applications">Applications</a>
+                                <ul>
+                                    <li><a href="#">Roles & Permissions</a></li>
+                                    <li><a href="#">Queues</a></li>
+                                    <li><a href="#">Events & Counters</a></li>
+                                    <li>
+                                        <a href="#">Collections</a>
+                                        <ul>
+                                            <li><a href="#">Query Language</a></li>
+                                            <li><a href="#">Users & Devices</a></li>
+                                            <li><a href="#">Groups</a></li>
+                                            <li><a href="#">Activities</a></li>
+                                            <li><a href="#">Assets</a></li>
+                                        </ul>
+                                    </li>
+                                </ul>
+                            </li>
+                        </ul>
+                    </li>
+
+
+                    <li class="nav-header"><span>Usage</span></li>
+                    <li><a href="/docs/rest-api">REST API</a></li>
+                    <li><a class="icns-apple" href="#">iOS SDK</a></li>
+                    <li><a class="icns-android" href="#">Android SDK</a></li>
+                    <li><a class="icns-html5" href="/docs/html5-javascript-sdk">HTML5 / JavaScript SDK</a></li>
+                    <li><a class="icns-windows" href="#">Windows 8 / Windows Phone / .net SDK</a></li>
+                    <li><a href="/docs/nodejs-module">Node.js module</a></li>
+                    <li><a href="/docs/ruby-gem">Ruby gem</a></li>
+                    <li><a href="#">Ruby on Rails gem</a></li>
+                    <li><a href="#">PHP library</a></li>
+
+                    <li class="nav-header"><span>Internals</span></li>
+                    <li><a href="#">Design & Goals</a></li>
+                    <li><a href="#">Java Architecture</a></li>
+                    <li><a href="#">Cassandra Schema</a></li>
+                    <li><a href="#">Contributing</a></li>
+
+                    <li class="nav-header"><span>Operations</span></li>
+                    <li><a href="#">Deploying</a></li>
+                    <li><a href="#">Monitoring</a></li>
+                    <li><a href="#">Upgrading</a></li>
+                    <li><a href="#">Security</a></li>
+                </ul>
+            </div>
+        </div>
+
+        <div class="col-md-9 main-article" role="main">
+            <div class="page-article">
+                <div class="page-header">
+                    <h1>Authenticating users and application clients</h1>
+                  <small><a href="https://github.com/timanglade/usergrid-site/blob/master/content/docs/authenticating-users-and-application-clients/">contribute to this article on github</a></small>
+                </div>
+                <div class="toc">
+	<ul>
+<li>
+<a href="#authenticating-users-and-application-clients">Authenticating users and application clients</a><ul>
+<li><a href="#authentication-levels">Authentication levels</a></li>
+<li>
+<a href="#adding-code-to-support-authentication">Adding code to support authentication</a><ul>
+<li><a href="#using-an-access-token">Using an access token</a></li>
+<li><a href="#authenticating-asapplication-user">Authenticating as Application User</a></li>
+<li><a href="#authenticating-asapplication">Authenticating as Application</a></li>
+<li><a href="#authenticating-asadmin-user">Authenticating as Admin User</a></li>
+<li><a href="#authenticating-asorganization">Authenticating as Organization</a></li>
+</ul>
+</li>
+<li>
+<a href="#authentication-token-time-to-live">Authentication token time to live</a><ul>
+<li><a href="#changing-the-default-time-to-live">Changing the default time-to-live</a></li>
+<li><a href="#changing-token-time-to-live">Changing token time-to-live</a></li>
+</ul>
+</li>
+<li><a href="#revoking-authentication-tokens">Revoking authentication tokens</a></li>
+<li><a href="#safe-mobile-access">Safe mobile access</a></li>
+</ul>
+</li>
+</ul>
+</div>
+<h1 id="authenticating-users-and-application-clients"><a href="#authenticating-users-and-application-clients">Authenticating users and application clients</a></h1>
+<p>To protect your Apache Usergrid application data, one of the steps you’ll take is to authenticate your app’s users. By ensuring that they are who they say they are, you can help ensure that your application’s data is available in secure ways. After you’ve created permission rules that define access to your application and have associated these rules with users, you’ll want to add code that authenticates your user, as described in this topic.</p>
+<p><strong>Note: </strong>You manage access to your application’s data by creating permission rules that govern which users can do what. Users authenticated as Application User have access according to these rules. For more about managing permissions, see <a href="/managing-access-defining-permission-rules">Managing access by defining permission rules</a>.</p>
+<h2 id="authentication-levels"><a href="#authentication-levels">Authentication levels</a></h2>
+<p>Apache Usergrid supports four levels of authentication, but only one of them is used when checking a registered user’s permissions. The other three levels are useful for authenticating other web applications that want to access to your Apache Usergrid application. Because the scope of access that the other authentication levels provide is so broad (and as a result, so powerful), it’s a bad practice to use them from a mobile app. Instead, they’re better suited to other client apps, such as web applications.</p>
+<p>The following table describes each of the authentication levels. Note that only one of these is configurable using the admin portal. The others are independent of Application User level access, which is governed by permission rules you define (usually with the admin portal). In contrast, the level of acces provided by the others is only as described in the notes.</p>
+<table>
+<col width="25%">
+<col width="25%">
+<col width="25%">
+<col width="25%">
+<thead><tr class="header">
+<th align="left">Authentication Level</th>
+<th align="left">Description</th>
+<th align="left">Permissions Configurable in Admin Portal</th>
+<th align="left">Notes</th>
+</tr></thead>
+<tbody>
+<tr class="odd">
+<td align="left"><p>Application User</p></td>
+<td align="left"><p>Allows access to your Apache Usergrid application as governed by the permission rules you create and associated with users and user groups.</p></td>
+<td align="left"><p>Yes |</p></td>
+<td align="left">
+<p>You allow specific | access to application resources by creating permission rules, then associating these rules with users. Typically, you’ll begin by creating roles, then create permission rules for the roles, then associate the roles with users (or groups of users).</p>
+<p>Each Application User is represented by a User entity in your Apache Usergrid application. (For more about the User entity, see <a href="/user">User</a>.)</p>
+<p>For more about roles and permissions, see <a href="/managing-a%20ccess-defining-per%20mission-rules">Managing access by defining permission rules</a>. For a look at how security features fit together, see <a href="/app-sec%20urity-overview">App Security Overview</a>.</p>
+</td>
+</tr>
+<tr class="even">
+<td align="left"><p>Application</p></td>
+<td align="left"><p>Allows full access to perform any operation on an Apache Usergrid application account (but not other applications within the same organization). Should not be used from a mobile client.</p></td>
+<td align="left">
+<p>No</p>
+<p>|</p>
+</td>
+<td align="left">
+<p>Authentication at this level is useful in a | server-side application (not a mobile app) that needs access to resources through the Apache Usergrid API.</p>
+<p>Imagine that you created a web site that lists every hiking trail in the Rocky Mountains. Anyone can go to the web site and view the content. However, you don’t want anyone to have access to the App Services API, where all the data is stored. But you do want to give your web server access so that it can generate the pages to serve to the website’s visitors.</p>
+<p><strong>Warning:</strong> You should never authenticate this way from a client-side app such as a mobile app. A hacker could analyze your app and extract the credentials for malicious use even if those credentials are compiled and in binary format. See <a href="#safe_mobi%20le">Safe mobile access</a> for additional considerations in keeping access to your app and its data secure.</p>
+</td>
+</tr>
+<tr class="odd">
+<td align="left"><p>Admin User</p></td>
+<td align="left"><p>Allows full access to perform any operation on all organization accounts of which the admin user is a member. Should not be used from a mobile client.</p></td>
+<td align="left"><p>No</p></td>
+<td align="left">
+<p>This authentication level is useful from applications that provide organization-wide administration features. For example, the App Services admin portal uses this level of access because it requires full access to the administration features.</p>
+<p>Unless you have a specific need for administrative features, such as to run test scripts that require access to management functionality, you should not use the admin user authentication level.</p>
+<p><strong>Note:</strong> Currently, organization and admin user access are effectively the same. Eventually, the admin user level will be a configurable subset of the organization level of access. <strong>Warning:</strong> You should never authenticate this way from a client-side app such as a mobile app. A hacker could analyze your app and extract the credentials for malicious use even if those credentials are compiled and in binary format. See <a href="#safe_mobi%20le">Safe mobile access</a> for additional considerations in keeping access to your app and its data secure.</p>
+</td>
+</tr>
+<tr class="even">
+<td align="left"><p>Organization</p></td>
+<td align="left"><p>Full access to perform any operation on an Apache Usergrid organization. Should not be used from a mobile client.</p></td>
+<td align="left">
+<p>No</p>
+<p>|</p>
+</td>
+<td align="left">
+<p>Providing the greatest amount of access, this | authentication level lets a client perform any operation on an Apache Usergrid organization. This level of access should be used sparingly and carefully.</p>
+<p><strong>Note:</strong> Currently, organization and admin user access are effectively the same. Eventually, the admin user level will be a configurable subset of the organization level of access. <strong>Warning:</strong> You should never authenticate this way from a client-side app such as a mobile app. A hacker could analyze your app and extract the credentials for malicious use even if those credentials are compiled and in binary format. See <a href="#safe_mobi%20le">Safe mobile access</a> for additional considerations in keeping access to your app and its data secure.</p>
+</td>
+</tr>
+</tbody>
+</table><h2 id="adding-code-to-support-authentication"><a href="#adding-code-to-support-authentication">Adding code to support authentication</a></h2>
+<h3 id="using-an-access-token"><a href="#using-an-access-token">Using an access token</a></h3>
+<p>When you obtain an access token, you must provide it with every subsequent API call that you make. There are two ways to provide your access token.</p>
+<ul>
+<li><p>You can add the token to the API query string:<br><br> https://api.usergrid.com/{org-name}/{app-name}/users?access_token={access_token}</p></li>
+<li><p>You can include the token in an HTTP authorization header:<br><br> Authorization: Bearer {access_token}</p></li>
+</ul><p><strong>Note:</strong> The App services documentation assumes you are providing a valid access token with every API call whether or not it is shown explicitly in the examples. Unless the documentation specifically says that you can access an API endpoint without an access token, you should assume that you must provide it. One application that does not require an access token is the sandbox application. The Guest role has been given full permissions (/** for GET, POST, PUT, and DELETE) for this application. This eliminates the need for a token when making application level calls to the sandbox app. For further information on specifying permissions, see <a href="/managing-access-defining-permission-rules">Managing access by defining permission rules</a>.</p>
+<h3 id="authenticating-asapplication-user"><a href="#authenticating-asapplication-user">Authenticating as Application User</a></h3>
+<p>Using the username and password values specified when the user entity was created, your app can connect to the Apache Usergrid application endpoint to request an access token. (Note that it’s also possible to use the user’s email address in place of the username.) Here is an example in cURL format of a request for application user access:</p>
+<pre><code>curl -X POST -i -H "Content-Type: application/json" "https://api.usergrid.com/my-org/my-app/token" -d '{"grant_type":"password","username":"john.doe","password":"testpw"}'</code></pre>
+<p>The results include the access token needed to make subsequent API requests on behalf of the application user:</p>
+<pre><code>{
+"access_token": "5wuGd-lcEeCUBwBQVsAACA:F8zeMOlcEeCUBwBQVsAACA:YXU6AAABMq0hdy4Lh0ewmmnOWOR-DaepCrpWx9oPmw",
+"expires_in": 3600,
+"user": {
+...
+}
+}
+    </code></pre>
+<h3 id="authenticating-asapplication"><a href="#authenticating-asapplication">Authenticating as Application</a></h3>
+<p>Using your app’s client id and client secret values, your app can connect to the Apache Usergrid application endpoint to request an access token. Here is an example in cURL format of a request for application access:</p>
+<pre><code>curl -X POST -i -H "Content-Type: application/json" "https://api.usergrid.com/my-org/my-app/token" -d '{"grant_type":"client_credentials","client_id":"YXB7NAD7EM0MEeJ989xIxPRxEkQ","client_secret":"YXB7NAUtV9krhhMr8YCw0QbOZH2pxEf"}'</code></pre>
+<p>The results include the access token needed to make subsequent API requests on behalf of the application:</p>
+<pre><code>{
+"access_token": "F8zeMOlcEeCUBwBQVsAACA:YXA6AAABMq0d4Mep_UgbZA0-sOJRe5yWlkq7JrDCkA",
+"expires_in": 3600,
+"application": {
+...  
+}
+}
+    </code></pre>
+<p><strong>Warning:</strong> You should never authenticate this way from a client-side app such as a mobile app. A hacker could analyze your app and extract the credentials for malicious use even if those credentials are compiled and in binary format. See <a href="#safe_mobile">Safe mobile access</a> for additional considerations in keeping access to your app and its data secure.</p>
+<h3 id="authenticating-asadmin-user"><a href="#authenticating-asadmin-user">Authenticating as Admin User</a></h3>
+<p>If you do require admin user access, your app can connect to the App Services management endpoint to request an access token. Your app supplies the username and password of an admin user in the request. Here is an example in cURL format of a request for admin user access:</p>
+<pre><code>curl -X POST -i -H "Content-Type: application/json" "https://api.usergrid.com/management/token"  -d '{"grant_type":"password","username":"testadmin","password":"testadminpw"}'</code></pre>
+<p>The results include the access token needed to make subsequent API requests on behalf of the admin user:</p>
+<pre><code>{
+"access_token": "f_GUbelXEeCfRgBQVsAACA:YWQ6AAABMqz_xUyYeErOkKjnzN7YQXXlpgmL69fvaA",
+"expires_in": 3600,
+"user": {
+...
+}
+}
+    </code></pre>
+<p><strong>Warning:</strong> You should never authenticate this way from a client-side app such as a mobile app. A hacker could analyze your app and extract the credentials for malicious use even if those credentials are compiled and in binary format. See <a href="#safe_mobile">Safe mobile access</a> for additional considerations in keeping access to your app and its data secure.</p>
+<h3 id="authenticating-asorganization"><a href="#authenticating-asorganization">Authenticating as Organization</a></h3>
+<p>If you do require organization level access, your app can connect to the Apache Usergrid management endpoint to request an access token. Access to an organization requires the client id and client secret credentials. Here is an example in cURL format of a request for organization access:</p>
+<pre><code>curl -X POST -i -H "Content-Type: application/json" "https://api.usergrid.com/management/token" -d '{"grant_type":"client_credentials","client_id":"YXB7NAD7EM0MEeJ989xIxPRxEkQ","client_secret":"YXB7NAUtV9krhhMr8YCw0QbOZH2pxEf"}'</code></pre>
+<p>The results include the access token needed to make subsequent API requests to the organization:</p>
+<pre><code>{
+"access_token": "gAuFEOlXEeCfRgBQVsAACA:b3U6AAABMqz-Cn0wtDxxkxmQLgZvTMubcP20FulCZQ",
+"expires_in": 3600,
+"organization": {
+...
+}
+}
+    </code></pre>
+<p><strong>Warning:</strong> You should never authenticate this way from a client-side app such as a mobile app. A hacker could analyze your app and extract the credentials for malicious use even if those credentials are compiled and in binary format. See <a href="#safe_mobile">Safe mobile access</a> for additional considerations in keeping access to your app and its data secure.</p>
+<h2 id="authentication-token-time-to-live"><a href="#authentication-token-time-to-live">Authentication token time to live</a></h2>
+<p>An access token has a “time-to-live”, which is the maximum time that the access token will be valid for use within the application, specified in milliseconds. By default, all tokens have a system-defined time-to-live of 24 hours.</p>
+<h3 id="changing-the-default-time-to-live"><a href="#changing-the-default-time-to-live">Changing the default time-to-live</a></h3>
+<p>You can change the default time-to-live for all application tokens by updating the Application entity’s accesstokenttl property. </p>
+<p>For example, the following updates an application entity to have a default time-to-live value of 1800000 miliseconds (30 minutes) for all tokens:</p>
+<pre><code>curl -X PUT -i -H "Content-Type: application/json" "https://api.usergrid.com/my-org/my-app" -d '{"accesstokenttl":"1800000"}'</code></pre>
+<h3 id="changing-token-time-to-live"><a href="#changing-token-time-to-live">Changing token time-to-live</a></h3>
+<p>When you request an access token, you can override its time-to-live by including a ttl parameter in the request.</p>
+<p>The ttl value must be equal to or less than the value of the accesstokenttl property. If you specify a ttl value greater than the value of accesstokenttl, an error message is returned that indicates the maximum time to live value that can be specified.</p>
+<p><strong>Note: </strong>If you set ttl=0, the token will never expire. This can pose a security risk and should be used with caution.</p>
+<p>For example, the following sets a time to live value of 1800000 miliseconds (30 minutes) for an admin user:</p>
+<pre><code>curl -X POST -i -H "Content-Type: application/json" "https://api.usergrid.com/management/token?ttl=1800000" -d '{"grant_type":"client_credentials","client_id":"YXB7NAD7EM0MEeJ989xIxPRxEkQ","client_secret":"YXB7NAUtV9krhhMr8YCw0QbOZH2pxEf"}'</code></pre>
+<p>The following sets the same time to live value for an application user.</p>
+<pre><code>curl -X POST -i -H "Content-Type: application/json" "https://api.usergrid.com/my-org/my-app/token?ttl=1800000" -d '{"grant_type":"password","username":"testadmin","password":"testadminpw"}'</code></pre>
+<h2 id="revoking-authentication-tokens"><a href="#revoking-authentication-tokens">Revoking authentication tokens</a></h2>
+<p>Under certain circumstances, you may need to explicitly revoke a user’s access token, such as when a user logs out. To revoke a specific authentication token, send the following <code>PUT</code> request:</p>
+<pre><code>curl -X PUT https://api.usergrid.com/&lt;org_name&gt;/&lt;app_name&gt;/users/&lt;user_uuid_or_username&gt;/revoketokens?token="&lt;token&gt;"</code></pre>
+<p>If the token is successfully revoked, you will receive the following response from the API:</p>
+<pre><code>{
+  "action" : "revoked user token",
+  "timestamp" : 1382050891455,
+  "duration" : 24
+}</code></pre>
+<h2 id="safe-mobile-access"><a href="#safe-mobile-access">Safe mobile access</a></h2>
+<p>For mobile access, it is recommended that you connect as an application user with configured access control policies. Mobile applications are inherently untrusted because they can be easily examined and even decompiled.</p>
+<p>Any credentials stored in a mobile app should be considered secure only to the Application User level. This means that if you don’t want the user to be able to access or delete data in your Apache Usergrid application, you need to make sure that you don’t enable that capability through roles or permissions. Because most web applications talk to the database using some elevated level of permissions, such as root, it’s generally a good idea for mobile applications to connect with a more restricted set of permissions. For more information on restricting access through permission rules, see <a href="/managing-access-defining-permission-rules">Managing access by defining permission rules</a>.</p>
+            </div>
+        </div>
+    </div>
+    <div class="row">
+        <div class="col-md-3"></div>
+        <div class="col-md-9">
+            <div class="github-callout">
+                <strong>Questions?</strong> Please do <a href="https://groups.google.com/forum/#!forum/usergrid">ask on the mailing-list</a>!<br/>
+                <strong>Found an error?</strong> We’d greatly appreciate a pull request about <a href="https://github.com/timanglade/usergrid-site/blob/master/content/docs/authenticating-users-and-application-clients/">this article on github</a>.</div>
+        </div>
+    </div>
+</div>
+
+
+<footer class="bf-footer" role="contentinfo">
+    <div class="container">
+        <div class="row">
+            <div class="col-md-2">
+                <ul class="nav nav-list">
+                    <li class="nav-header"><a href="/">Home</a></li>
+                    <li class="nav-header"><a href="/community/">Community</a></li>
+                        <!-- <li><a href="/community#events">Events</a></li> -->
+                        <li><a href="/community/#mailing-lists">Mailing Lists</a></li>
+                        <li><a href="/community/#deployments">Deployments</a></li>
+                        <li><a href="/community/#committers">Commiters</a></li>
+                    <!-- <li class="nav-header"><a href="#">Docs</a></li> -->
+                </ul>
+            </div>
+            <div class="col-md-2">
+                <ul class="nav nav-list">
+                    <li class="nav-header"><a href="https://github.com/usergrid/usergrid/" target="_blank">Code</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/stack" target="_blank">Server Stack</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/portal" target="_blank">Admin Portal</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/ugc" target="_blank">ugc command line</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/ios" target="_blank">iOS SDK</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/android" target="_blank">Android SDK</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/html5-javascript" target="_blank">HTML5/JS SDK</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/nodejs" target="_blank">node.js module</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/ruby-on-rails" target="_blank">Ruby on Rails gem</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/ruby" target="_blank">Ruby gem</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/php" target="_blank">PHP SDK</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/java" target="_blank">Java SDK</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/dotnet" target="_blank">.NET / Windows SDK</a></li>
+                </ul>
+            </div>
+            <div class="col-md-2">
+                <ul class="nav nav-list">
+                    <li class="nav-header">Resources</li>
+                        <li><a href="http://github.com/usergrid/usergrid" target="_blank">GitHub Code</a></li>
+                        <li><a href="https://issues.apache.org/jira/browse/USERGRID" target="_blank">JIRA Bug Tracker</a></li>
+                        <li><a href="http://stackoverflow.com/search?q=usergrid" target="_blank">StackOverflow</a></li>
+                        <li><a href="http://webchat.freenode.net/?channels=%23usergrid&uio=d4">IRC</a></li>
+                        <li><a href="https://twitter.com/usergrid" target="_blank">Twitter</a></li>
+                        <li><a href="http://incubator.apache.org/projects/usergrid.html" target="_blank">Podling Listing</a></li>
+                        <li><a href="https://github.com/usergrid/usergrid/blob/master/LICENSE" target="_blank">License</a></li>
+                        <li><a href="https://github.com/usergrid/usergrid/blob/master/stack#requirements" target="_blank">Getting Started</a></li>
+                        <li><a href="https://github.com/usergrid/usergrid/blob/master/stack#contributing" target="_blank">Contribution Guidelines</a></li>
+                </ul>
+            </div>
+            <div class="col-md-2"></div>
+            <div class="col-md-4">
+                <a class="twitter-timeline" href="https://twitter.com/search?q=%23usergrid" data-widget-id="401499136807038976"  data-related="usergrid" height="400px" style="overflow:hidden">Tweets about "usergrid"</a>
+                <script>!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0],p=/^http:/.test(d.location)?'http':'https';if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src=p+"://platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script>
+            </div> 
+        <!--
+            <div class="col-md-4">
+                <div class="input-group form-search">
+                    <input type="text" class="form-control search-query">
+                    <span class="input-group-btn">
+                        <button type="submit" class="btn btn-primary" data-type="last">Search</button>
+                    </span>
+                </div>
+            </div> -->
+        </div> 
+        <div class="row">
+            <div id="copyright">
+                <img src="/img/egg-logo.png" /><br/><br/>
+                <p>Apache Usergrid is an effort undergoing incubation at The Apache Software Foundation (ASF), sponsored by the name of Apache TLP sponsor. Incubation is required of all newly accepted projects until a further review indicates that the infrastructure, communications, and decision making process have stabilized in a manner consistent with other successful ASF projects. While incubation status is not necessarily a reflection of the completeness or stability of the code, it does indicate that the project has yet to be fully endorsed by the ASF.</p>
+                <p>Copyright © 2013 The Apache Software Foundation, Licensed under the Apache License, Version 2.0.<br>
+                Apache and the Apache feather logos are trademarks of The Apache Software Foundation.</p>
+                <p class="credits">Site designed & assembled with love by <a href="https://github.com/ryuneeee">@ryuneeee</a> + <a href="https://github.com/realbeast">@realbeast</a> + <a href="https://twitter.com/timanglade">@timanglade</a>.</p>
+            </div>
+        </div>
+    </div>
+</footer>
+
+<script type="text/javascript" src="/js/head.js"></script>
+<script type="text/javascript">
+    head.js("/js/jquery-1.10.1.min.js", "/js/bootstrap.min.js", "/js/usergrid-site.js");
+</script>
+<script type="text/javascript">
+    //IE outdate friendly warning if you don't want remove it
+    var $buoop = {vs:{i:8,f:3.6,o:10.6,s:3.2,n:9}}
+    $buoop.ol = window.onload;
+    window.onload=function(){
+        try {if ($buoop.ol) $buoop.ol();}catch (e) {}
+        var e = document.createElement("script");
+        e.setAttribute("type", "text/javascript");
+        e.setAttribute("src", "http://browser-update.org/update.js");
+        document.body.appendChild(e);
+    }
+</script>
+
+
+</body>
+</html>
\ No newline at end of file

Added: incubator/usergrid/site/publish/docs/authentication-and-access-app-services-0/index.html
URL: http://svn.apache.org/viewvc/incubator/usergrid/site/publish/docs/authentication-and-access-app-services-0/index.html?rev=1542910&view=auto
==============================================================================
--- incubator/usergrid/site/publish/docs/authentication-and-access-app-services-0/index.html (added)
+++ incubator/usergrid/site/publish/docs/authentication-and-access-app-services-0/index.html Mon Nov 18 06:09:23 2013
@@ -0,0 +1,400 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="utf-8">
+    <title>Apache Usergrid (incubating) — Authentication and access in App services</title>
+    <meta http-equiv="x-ua-compatible" content="ie=edge" />
+    <meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1, maximum-scale=1" />
+    <meta name="keywords" content="Apache Usergrid, Usergrid, BaaS, Backend-as-a-Service">
+    <meta name="description" content="An open-source Backend-as-a-Service stack for web & mobile applications, based on RESTful APIs." />
+    <meta property="og:title" content="Apache Usergrid" />
+    <meta property="og:description" content="An open-source Backend-as-a-Service stack for web & mobile applications, based on RESTful APIs." />
+    <!-- Loading Typekit -->
+    <script type="text/javascript" src="//use.typekit.net/ddl7izx.js"></script>
+    <script type="text/javascript">try{Typekit.load();}catch(e){}</script>
+    <!-- Loading Bootstrap -->
+    <link href="/bootstrap/bootstrap.min.css" rel="stylesheet" type='text/css'>
+    <link href="/css/bootflat.css" rel="stylesheet" type='text/css'>
+    <link href="/css/usergrid-site.css" rel="stylesheet" type='text/css'>
+    <link href="http://fonts.googleapis.com/css?family=Open+Sans:200,400,500,300,600,800,700,400italic,600italic,700italic,800italic,300italic" rel="stylesheet" type="text/css">
+    <link href="/css/font-awesome.min.css" rel="stylesheet" type='text/css'>
+
+    
+
+    <!-- HTML5 shim, for IE6-8 support of HTML5 elements. All other JS at the end of file. -->
+    <!--[if lt IE 9]>
+      <script src="js/html5shiv.js"></script>
+      <script src="js/respond.min.js"></script>
+    <![endif]-->
+</head>
+<body>
+
+    <header class="navbar navbar-inverse navbar-fixed-top bf-docs-nav secondary" role="banner">
+    <div class="container">
+        <div class="navbar-header">
+            <button class="navbar-toggle" type="button" data-toggle="collapse" data-target=".bf-navbar-collapse">
+                <span class="sr-only">Toggle navigation</span>
+                <span class="icon-bar"></span>
+                <span class="icon-bar"></span>
+                <span class="icon-bar"></span>
+            </button>
+            <a href="/" class="navbar-brand">
+                <img id="home-logo" src="/img/apache_usergrid_logo_white_small.png" />
+            </a>
+        </div>
+        <nav class="collapse navbar-collapse bf-navbar-collapse" role="navigation">
+            <ul class="nav navbar-nav navbar-right">
+                <!--<li class="active"><a href="/docs/"><span class="icns icon-book"></span></a></li>-->
+                <li class=""><a href="/community/"><span class="icns icon-group"></span></a></li>
+                <li><a href="http://github.com/usergrid/usergrid" target="_blank"><span class="icns icon-github-sign"></span></a></li>
+                <!--<li><a href="https://trello.com/b/exQmJIOn/usergrid" target="_blank"><span class="icns icon-trello"></span></a></li>-->
+                <li><a href="https://issues.apache.org/jira/browse/USERGRID" target="_blank"><span class="icns icon-bug"></span></a></li>
+                <li><a href="http://stackoverflow.com/search?q=usergrid" target="_blank"><span class="icns icon-stackexchange"></span></a></li>
+                <li><a href="http://webchat.freenode.net/?channels=%23usergrid&uio=d4" target="_blank"><span class="icns icon-comments"></span></a></li>
+                <!--<li><a href="https://groups.google.com/forum/#!forum/usergrid" target="_blank"><span class="icns icon-envelope"></span></a></li>-->
+                <li><a href="https://twitter.com/usergrid" target="_blank"><span class="icns icon-twitter"></span></a></li>
+            </ul>
+        </nav>
+    </div>
+    </header>
+
+
+<div class="container bf-docs-container">    
+    <div class="row">
+        <div class="col-md-3">
+            <div class="bf-sidebar hidden-print" role="complementary">
+                <ul class="nav nav-list">
+                    <li><a href="#">Getting Up & Running Locally</a></li>
+                    <li><a href="#"><code>ugc</code> — the Command-line Client</a></li>
+
+                    <li class="nav-header"><span>Concepts</span></li>
+                    <li>
+                        <a href="/docs/organizations-admins/">Organizations & Admins</a>
+                        <ul>
+                            <li>
+                                <a href="/docs/applications">Applications</a>
+                                <ul>
+                                    <li><a href="#">Roles & Permissions</a></li>
+                                    <li><a href="#">Queues</a></li>
+                                    <li><a href="#">Events & Counters</a></li>
+                                    <li>
+                                        <a href="#">Collections</a>
+                                        <ul>
+                                            <li><a href="#">Query Language</a></li>
+                                            <li><a href="#">Users & Devices</a></li>
+                                            <li><a href="#">Groups</a></li>
+                                            <li><a href="#">Activities</a></li>
+                                            <li><a href="#">Assets</a></li>
+                                        </ul>
+                                    </li>
+                                </ul>
+                            </li>
+                        </ul>
+                    </li>
+
+
+                    <li class="nav-header"><span>Usage</span></li>
+                    <li><a href="/docs/rest-api">REST API</a></li>
+                    <li><a class="icns-apple" href="#">iOS SDK</a></li>
+                    <li><a class="icns-android" href="#">Android SDK</a></li>
+                    <li><a class="icns-html5" href="/docs/html5-javascript-sdk">HTML5 / JavaScript SDK</a></li>
+                    <li><a class="icns-windows" href="#">Windows 8 / Windows Phone / .net SDK</a></li>
+                    <li><a href="/docs/nodejs-module">Node.js module</a></li>
+                    <li><a href="/docs/ruby-gem">Ruby gem</a></li>
+                    <li><a href="#">Ruby on Rails gem</a></li>
+                    <li><a href="#">PHP library</a></li>
+
+                    <li class="nav-header"><span>Internals</span></li>
+                    <li><a href="#">Design & Goals</a></li>
+                    <li><a href="#">Java Architecture</a></li>
+                    <li><a href="#">Cassandra Schema</a></li>
+                    <li><a href="#">Contributing</a></li>
+
+                    <li class="nav-header"><span>Operations</span></li>
+                    <li><a href="#">Deploying</a></li>
+                    <li><a href="#">Monitoring</a></li>
+                    <li><a href="#">Upgrading</a></li>
+                    <li><a href="#">Security</a></li>
+                </ul>
+            </div>
+        </div>
+
+        <div class="col-md-9 main-article" role="main">
+            <div class="page-article">
+                <div class="page-header">
+                    <h1>Authentication and access in App services</h1>
+                  <small><a href="https://github.com/timanglade/usergrid-site/blob/master/content/docs/authentication-and-access-app-services-0/">contribute to this article on github</a></small>
+                </div>
+                <div class="toc">
+	<ul>
+<li>
+<a href="#authentication-and-access-in-app-services">Authentication and access in App services</a><ul>
+<li>
+<a href="#access-types">Access types</a><ul>
+<li><a href="#organizations">Organizations</a></li>
+<li><a href="#admin-users">Admin users</a></li>
+</ul>
+</li>
+<li><a href="#applications">Applications</a></li>
+<li><a href="#application-users">Application users</a></li>
+<li><a href="#using-an-access-token">Using an access token</a></li>
+<li><a href="#safe-mobile-access">Safe mobile access</a></li>
+</ul>
+</li>
+</ul>
+</div>
+<h1 id="authentication-and-access-in-app-services"><a href="#authentication-and-access-in-app-services">Authentication and access in App services</a></h1>
+<p>App services requests are authenticated via OAuth (Open Authorization) 2.0. OAuth is an authentication mechanism that allows users to grant access to their web resources or mobile apps safely, without having to share their passwords. The analogy of a valet key is sometimes used to describe OAuth, because users can permit general access, but limit access rights to perform certain operations. Instead of an app user having to share a password, OAuth enables access using a security token tied specifically to an app and device.</p>
+<p>Unlike OAuth 1.0, which requires special support in the client code for signing requests, OAuth 2.0 can be used by any web service client libraries. Although the OAuth 2.0 specification isn’t finalized yet, it is sufficiently complete so that many web service providers, including Google and Facebook, are now using it for authentication. More information about OAuth 2.0 is available at <a href="http://oauth.net/2/">oauth.net</a>.</p>
+<h2 id="access-types"><a href="#access-types">Access types</a></h2>
+<p>App services take advantage of standard OAuth 2.0 mechanisms that require an access token with data operation requests. To obtain the access token, you connect to an appropriate web service endpoint and provide the correct client credentials. The credentials required to get the token depend on the type of access you need.</p>
+<p>There are four access types.</p>
+<table>
+<thead><tr class="header">
+<th align="left">Access Type</th>
+<th align="left">Description</th>
+</tr></thead>
+<tbody>
+<tr class="odd">
+<td align="left">Organization</td>
+<td align="left">Full access to perform any operation on a App services organization account</td>
+</tr>
+<tr class="even">
+<td align="left">Admin User</td>
+<td align="left">Full access to perform any operation on all organization accounts of which the admin user is a member</td>
+</tr>
+<tr class="odd">
+<td align="left">Application</td>
+<td align="left">Full access to perform any operation on a App services application account</td>
+</tr>
+<tr class="even">
+<td align="left">Application User</td>
+<td align="left">Policy-limited access to perform operations on a App services application account</td>
+</tr>
+</tbody>
+</table><p>The <em>Organization</em> and <em>Application</em> access types are intended for server-side applications because they are “superuser” access mechanisms with few constraints on what they are permitted to do. When connecting via OAuth, you supply organization or application client ID and client secret parameters as client credentials. The Home page of the developer portal shows these parameters for the organization, while the Settings page displays them for the currently selected app.</p>
+<p>The <em>Admin User</em> and <em>Application User</em> access types are appropriate for connections on behalf of a known user account, such as an admin user who is a member of several organizations and has management rights to several apps, or an application user authorized for an application. When connecting via OAuth on behalf of a known user, you supply username and password parameters as client credentials.</p>
+<p>Each access type is discussed below, along with information on supplying an access token in an API request.</p>
+<h3 id="organizations"><a href="#organizations">Organizations</a></h3>
+<p>When you sign up for the App services developer portal, you create an organization account in addition to your personal admin user account. Access to a single organization requires client ID and client secret credentials (or an admin user can supply username and password credentials, as shown in the next section).</p>
+<p>As an example of accessing an organization, you can obtain your client ID and client secret values from the developer portal and connect to the following URL (substituting the correct values for &lt;client_id&gt; and &lt;client_secret&gt;):</p>
+<pre><code>https://api.usergrid.com/management/token?grant_type=client_credentials&amp;client_id=&lt;client_id&gt;&amp;client_secret=&lt;client_secret&gt;</code></pre>
+<p>The results show the access token needed to make subsequent API requests, as well as additional information about the organization:</p>
+<pre><code>{
+  "access_token": "gAuFEOlXEeCfRgBQVsAACA:b3U6AAABMqz-Cn0wtDxxkxmQLgZvTMubcP20FulCZQ",
+  "expires_in": 3600,
+  "organization": {
+    "users": {
+      "test": {
+        "name": "Test User",
+        "disabled": false,
+        "uuid": "7ff1946d-e957-11e0-9f46-005056c00008",
+        "activated": true,
+        "username": "test",
+        "applicationId": "00000000-0000-0000-0000-000000000001",
+        "email": "test@usergrid.com",
+        "adminUser": true,
+        "mailTo": "Test User &lt;test@usergrid.com&gt;"
+      }
+    },
+    "name": "test-organization",
+    "applications": {
+      "test-app": "8041893b-e957-11e0-9f46-005056c00008"
+    },
+    "uuid": "800b8510-e957-11e0-9f46-005056c00008"
+  }
+}</code></pre>
+<h3 id="admin-users"><a href="#admin-users">Admin users</a></h3>
+<p><em>Admin Users</em> are users of the Usergrid.com service as well as members of one or more organizations. In turn, an organization can have one or more admin users. Currently all admin users in an organization have full access permissions after they authenticate using their basic username and password credentials. In a subsequent release, App services will support a more fine-grained, delegated administration model in which access rights for admin users are configurable.</p>
+<p>As an example. to authenticate as an admin user, use the username and password values specified when you created your admin user account and connect to the following URL (substituting the correct values for &lt;username&gt; and &lt;password&gt;):</p>
+<pre><code>https://api.usergrid.com/management/token?grant_type=password&amp;username=&lt;username&gt;&amp;password=&lt;password&gt;</code></pre>
+<p>In these results, note the access token needed to make subsequent API requests on behalf of the admin user:</p>
+<pre><code>{
+  "access_token": "f_GUbelXEeCfRgBQVsAACA:YWQ6AAABMqz_xUyYeErOkKjnzN7YQXXlpgmL69fvaA",
+  "expires_in": 3600,
+  "user": {
+    "username": "test",
+    "email": "test@usergrid.com",
+    "organizations": {
+      "test-organization": {
+        "users": {
+          "test": {
+            "name": "Test User",
+            "disabled": false,
+            "uuid": "7ff1946d-e957-11e0-9f46-005056c00008",
+            "activated": true,
+            "username": "test",
+            "applicationId": "00000000-0000-0000-0000-000000000001",
+            "email": "test@usergrid.com",
+            "adminUser": true,
+            "mailTo": "Test User &lt;test@usergrid.com&gt;"
+          }
+        },
+        "name": "test-organization",
+        "applications": {
+          "test-app": "8041893b-e957-11e0-9f46-005056c00008"
+        },
+        "uuid": "800b8510-e957-11e0-9f46-005056c00008"
+      }
+    },
+    "adminUser": true,
+    "activated": true,
+    "name": "Test User",
+    "mailTo": "Test User &lt;test@usergrid.com&gt;",
+    "applicationId": "00000000-0000-0000-0000-000000000001",
+    "uuid": "7ff1946d-e957-11e0-9f46-005056c00008",
+    "disabled": false
+  }
+}</code></pre>
+<h2 id="applications"><a href="#applications">Applications</a></h2>
+<p>Users can access applications in three ways:</p>
+<ul>
+<li>With application client ID and client secret credentials</li>
+<li>With the client ID and client secret credentials of the organization that owns the application</li>
+<li>With username and password credentials of an admin user associated with the application’s organization</li>
+</ul><p>Using your client ID and client secret values (obtained from the Application Settings section of the developer portal), you can connect to the following URL (substituting the correct values for &lt;org-name&gt;,&lt;app-name&gt;, &lt;client_id&gt;, and &lt;client_secret&gt;):</p>
+<pre><code>https://api.usergrid.com/&lt;org-name&gt;/&lt;app-name&gt;/token?grant_type=client_credentials&amp;client_id=&lt;client_id&gt;&amp;client_secret=&lt;client_secret&gt;</code></pre>
+<p>The results show the access token needed to make subsequent API requests on behalf of the application:</p>
+<pre><code>{
+  "access_token": "F8zeMOlcEeCUBwBQVsAACA:YXA6AAABMq0d4Mep_UgbZA0-sOJRe5yWlkq7JrDCkA",
+  "expires_in": 3600,
+  "application": {
+    "name": "test-app",
+    "id": "17ccde30-e95c-11e0-9407-005056c00008"
+  }
+}</code></pre>
+<h2 id="application-users"><a href="#application-users">Application users</a></h2>
+<p><em>Application Users</em> are members of the “users” collection within an application. They are the actual users of an app and their data is stored separately from any other app in App services.</p>
+<p>Application users can authenticate with either basic username/password credentials or OAuth client ID and client secret credentials. When authenticated, these users can access App services entities depending on their assigned permissions, their roles, and the permissions assigned to those roles.</p>
+<p>Using the username and password values specified when the application user was created, you can connect to the following URL (substituting the correct values for &lt;org-name&gt;,&lt;app-name&gt;, &lt;username&gt;, and &lt;password&gt;):</p>
+<pre><code>https://api.usergrid.com/management/&lt;org-name&gt;/&lt;app-name&gt;/token?grant_type=password&amp;username=&lt;username&gt;&amp;password=&lt;password&gt;</code></pre>
+<p>The results show the access token needed to make subsequent API requests on behalf of the application user:</p>
+<pre><code>{
+  "access_token": "5wuGd-lcEeCUBwBQVsAACA:F8zeMOlcEeCUBwBQVsAACA:YXU6AAABMq0hdy4Lh0ewmmnOWOR-DaepCrpWx9oPmw",
+  "expires_in": 3600,
+  "user": {
+    "uuid": "e70b8677-e95c-11e0-9407-005056c00008",
+    "type": "user",
+    "username": "edanuff",
+    "email": "ed@anuff.com",
+    "activated": true,
+    "created": 1317164604367013,
+    "modified": 1317164604367013
+  }
+}</code></pre>
+<h2 id="using-an-access-token"><a href="#using-an-access-token">Using an access token</a></h2>
+<p>When you obtain an access token, you must provide it with every subsequent API call that you make. There are two ways to provide your access token.</p>
+<ul>
+<li><p>You can add the token to the API querystring:<br><br> https://api.usergrid.com/<org-name>/<app-name>/users?access_token=<access_token></access_token></app-name></org-name></p></li>
+<li><p>You can include the token in an HTTP authorization header:<br><br> Authorization: Bearer <access_token></access_token></p></li>
+</ul><p><strong>Note:</strong> The App services documentation assumes you are providing a valid access token with every API call whether or not it is shown explicitly in the examples. Unless the documentation specifically says that you can access an API endpoint without an access token, you should assume that you must provide it.</p>
+<h2 id="safe-mobile-access"><a href="#safe-mobile-access">Safe mobile access</a></h2>
+<p>For mobile access, it is recommended that you connect as an application user with configured access control policies. Mobile applications are inherently untrusted because they can be easily examined and even decompiled.</p>
+<p>Any credentials stored in a mobile app should be considered secure only to the level of the application user. This means that if you don’t want the user to be able to access or delete data in your App services application, you need to make sure that you don’t enable that capability via roles or permissions. Because most web applications talk to the database using some elevated level of permissions, such as root, it’s generally a good idea for mobile applications to connect with a more restricted set of permissions. For more information, see <a href="/managing-access-defining-permission-rules">Managing access by defining permission rules</a>.</p>
+            </div>
+        </div>
+    </div>
+    <div class="row">
+        <div class="col-md-3"></div>
+        <div class="col-md-9">
+            <div class="github-callout">
+                <strong>Questions?</strong> Please do <a href="https://groups.google.com/forum/#!forum/usergrid">ask on the mailing-list</a>!<br/>
+                <strong>Found an error?</strong> We’d greatly appreciate a pull request about <a href="https://github.com/timanglade/usergrid-site/blob/master/content/docs/authentication-and-access-app-services-0/">this article on github</a>.</div>
+        </div>
+    </div>
+</div>
+
+
+<footer class="bf-footer" role="contentinfo">
+    <div class="container">
+        <div class="row">
+            <div class="col-md-2">
+                <ul class="nav nav-list">
+                    <li class="nav-header"><a href="/">Home</a></li>
+                    <li class="nav-header"><a href="/community/">Community</a></li>
+                        <!-- <li><a href="/community#events">Events</a></li> -->
+                        <li><a href="/community/#mailing-lists">Mailing Lists</a></li>
+                        <li><a href="/community/#deployments">Deployments</a></li>
+                        <li><a href="/community/#committers">Commiters</a></li>
+                    <!-- <li class="nav-header"><a href="#">Docs</a></li> -->
+                </ul>
+            </div>
+            <div class="col-md-2">
+                <ul class="nav nav-list">
+                    <li class="nav-header"><a href="https://github.com/usergrid/usergrid/" target="_blank">Code</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/stack" target="_blank">Server Stack</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/portal" target="_blank">Admin Portal</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/ugc" target="_blank">ugc command line</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/ios" target="_blank">iOS SDK</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/android" target="_blank">Android SDK</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/html5-javascript" target="_blank">HTML5/JS SDK</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/nodejs" target="_blank">node.js module</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/ruby-on-rails" target="_blank">Ruby on Rails gem</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/ruby" target="_blank">Ruby gem</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/php" target="_blank">PHP SDK</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/java" target="_blank">Java SDK</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/dotnet" target="_blank">.NET / Windows SDK</a></li>
+                </ul>
+            </div>
+            <div class="col-md-2">
+                <ul class="nav nav-list">
+                    <li class="nav-header">Resources</li>
+                        <li><a href="http://github.com/usergrid/usergrid" target="_blank">GitHub Code</a></li>
+                        <li><a href="https://issues.apache.org/jira/browse/USERGRID" target="_blank">JIRA Bug Tracker</a></li>
+                        <li><a href="http://stackoverflow.com/search?q=usergrid" target="_blank">StackOverflow</a></li>
+                        <li><a href="http://webchat.freenode.net/?channels=%23usergrid&uio=d4">IRC</a></li>
+                        <li><a href="https://twitter.com/usergrid" target="_blank">Twitter</a></li>
+                        <li><a href="http://incubator.apache.org/projects/usergrid.html" target="_blank">Podling Listing</a></li>
+                        <li><a href="https://github.com/usergrid/usergrid/blob/master/LICENSE" target="_blank">License</a></li>
+                        <li><a href="https://github.com/usergrid/usergrid/blob/master/stack#requirements" target="_blank">Getting Started</a></li>
+                        <li><a href="https://github.com/usergrid/usergrid/blob/master/stack#contributing" target="_blank">Contribution Guidelines</a></li>
+                </ul>
+            </div>
+            <div class="col-md-2"></div>
+            <div class="col-md-4">
+                <a class="twitter-timeline" href="https://twitter.com/search?q=%23usergrid" data-widget-id="401499136807038976"  data-related="usergrid" height="400px" style="overflow:hidden">Tweets about "usergrid"</a>
+                <script>!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0],p=/^http:/.test(d.location)?'http':'https';if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src=p+"://platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script>
+            </div> 
+        <!--
+            <div class="col-md-4">
+                <div class="input-group form-search">
+                    <input type="text" class="form-control search-query">
+                    <span class="input-group-btn">
+                        <button type="submit" class="btn btn-primary" data-type="last">Search</button>
+                    </span>
+                </div>
+            </div> -->
+        </div> 
+        <div class="row">
+            <div id="copyright">
+                <img src="/img/egg-logo.png" /><br/><br/>
+                <p>Apache Usergrid is an effort undergoing incubation at The Apache Software Foundation (ASF), sponsored by the name of Apache TLP sponsor. Incubation is required of all newly accepted projects until a further review indicates that the infrastructure, communications, and decision making process have stabilized in a manner consistent with other successful ASF projects. While incubation status is not necessarily a reflection of the completeness or stability of the code, it does indicate that the project has yet to be fully endorsed by the ASF.</p>
+                <p>Copyright © 2013 The Apache Software Foundation, Licensed under the Apache License, Version 2.0.<br>
+                Apache and the Apache feather logos are trademarks of The Apache Software Foundation.</p>
+                <p class="credits">Site designed & assembled with love by <a href="https://github.com/ryuneeee">@ryuneeee</a> + <a href="https://github.com/realbeast">@realbeast</a> + <a href="https://twitter.com/timanglade">@timanglade</a>.</p>
+            </div>
+        </div>
+    </div>
+</footer>
+
+<script type="text/javascript" src="/js/head.js"></script>
+<script type="text/javascript">
+    head.js("/js/jquery-1.10.1.min.js", "/js/bootstrap.min.js", "/js/usergrid-site.js");
+</script>
+<script type="text/javascript">
+    //IE outdate friendly warning if you don't want remove it
+    var $buoop = {vs:{i:8,f:3.6,o:10.6,s:3.2,n:9}}
+    $buoop.ol = window.onload;
+    window.onload=function(){
+        try {if ($buoop.ol) $buoop.ol();}catch (e) {}
+        var e = document.createElement("script");
+        e.setAttribute("type", "text/javascript");
+        e.setAttribute("src", "http://browser-update.org/update.js");
+        document.body.appendChild(e);
+    }
+</script>
+
+
+</body>
+</html>
\ No newline at end of file

Added: incubator/usergrid/site/publish/docs/basic-query-syntax/index.html
URL: http://svn.apache.org/viewvc/incubator/usergrid/site/publish/docs/basic-query-syntax/index.html?rev=1542910&view=auto
==============================================================================
--- incubator/usergrid/site/publish/docs/basic-query-syntax/index.html (added)
+++ incubator/usergrid/site/publish/docs/basic-query-syntax/index.html Mon Nov 18 06:09:23 2013
@@ -0,0 +1,287 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="utf-8">
+    <title>Apache Usergrid (incubating) — Basic query syntax</title>
+    <meta http-equiv="x-ua-compatible" content="ie=edge" />
+    <meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1, maximum-scale=1" />
+    <meta name="keywords" content="Apache Usergrid, Usergrid, BaaS, Backend-as-a-Service">
+    <meta name="description" content="An open-source Backend-as-a-Service stack for web & mobile applications, based on RESTful APIs." />
+    <meta property="og:title" content="Apache Usergrid" />
+    <meta property="og:description" content="An open-source Backend-as-a-Service stack for web & mobile applications, based on RESTful APIs." />
+    <!-- Loading Typekit -->
+    <script type="text/javascript" src="//use.typekit.net/ddl7izx.js"></script>
+    <script type="text/javascript">try{Typekit.load();}catch(e){}</script>
+    <!-- Loading Bootstrap -->
+    <link href="/bootstrap/bootstrap.min.css" rel="stylesheet" type='text/css'>
+    <link href="/css/bootflat.css" rel="stylesheet" type='text/css'>
+    <link href="/css/usergrid-site.css" rel="stylesheet" type='text/css'>
+    <link href="http://fonts.googleapis.com/css?family=Open+Sans:200,400,500,300,600,800,700,400italic,600italic,700italic,800italic,300italic" rel="stylesheet" type="text/css">
+    <link href="/css/font-awesome.min.css" rel="stylesheet" type='text/css'>
+
+    
+
+    <!-- HTML5 shim, for IE6-8 support of HTML5 elements. All other JS at the end of file. -->
+    <!--[if lt IE 9]>
+      <script src="js/html5shiv.js"></script>
+      <script src="js/respond.min.js"></script>
+    <![endif]-->
+</head>
+<body>
+
+    <header class="navbar navbar-inverse navbar-fixed-top bf-docs-nav secondary" role="banner">
+    <div class="container">
+        <div class="navbar-header">
+            <button class="navbar-toggle" type="button" data-toggle="collapse" data-target=".bf-navbar-collapse">
+                <span class="sr-only">Toggle navigation</span>
+                <span class="icon-bar"></span>
+                <span class="icon-bar"></span>
+                <span class="icon-bar"></span>
+            </button>
+            <a href="/" class="navbar-brand">
+                <img id="home-logo" src="/img/apache_usergrid_logo_white_small.png" />
+            </a>
+        </div>
+        <nav class="collapse navbar-collapse bf-navbar-collapse" role="navigation">
+            <ul class="nav navbar-nav navbar-right">
+                <!--<li class="active"><a href="/docs/"><span class="icns icon-book"></span></a></li>-->
+                <li class=""><a href="/community/"><span class="icns icon-group"></span></a></li>
+                <li><a href="http://github.com/usergrid/usergrid" target="_blank"><span class="icns icon-github-sign"></span></a></li>
+                <!--<li><a href="https://trello.com/b/exQmJIOn/usergrid" target="_blank"><span class="icns icon-trello"></span></a></li>-->
+                <li><a href="https://issues.apache.org/jira/browse/USERGRID" target="_blank"><span class="icns icon-bug"></span></a></li>
+                <li><a href="http://stackoverflow.com/search?q=usergrid" target="_blank"><span class="icns icon-stackexchange"></span></a></li>
+                <li><a href="http://webchat.freenode.net/?channels=%23usergrid&uio=d4" target="_blank"><span class="icns icon-comments"></span></a></li>
+                <!--<li><a href="https://groups.google.com/forum/#!forum/usergrid" target="_blank"><span class="icns icon-envelope"></span></a></li>-->
+                <li><a href="https://twitter.com/usergrid" target="_blank"><span class="icns icon-twitter"></span></a></li>
+            </ul>
+        </nav>
+    </div>
+    </header>
+
+
+<div class="container bf-docs-container">    
+    <div class="row">
+        <div class="col-md-3">
+            <div class="bf-sidebar hidden-print" role="complementary">
+                <ul class="nav nav-list">
+                    <li><a href="#">Getting Up & Running Locally</a></li>
+                    <li><a href="#"><code>ugc</code> — the Command-line Client</a></li>
+
+                    <li class="nav-header"><span>Concepts</span></li>
+                    <li>
+                        <a href="/docs/organizations-admins/">Organizations & Admins</a>
+                        <ul>
+                            <li>
+                                <a href="/docs/applications">Applications</a>
+                                <ul>
+                                    <li><a href="#">Roles & Permissions</a></li>
+                                    <li><a href="#">Queues</a></li>
+                                    <li><a href="#">Events & Counters</a></li>
+                                    <li>
+                                        <a href="#">Collections</a>
+                                        <ul>
+                                            <li><a href="#">Query Language</a></li>
+                                            <li><a href="#">Users & Devices</a></li>
+                                            <li><a href="#">Groups</a></li>
+                                            <li><a href="#">Activities</a></li>
+                                            <li><a href="#">Assets</a></li>
+                                        </ul>
+                                    </li>
+                                </ul>
+                            </li>
+                        </ul>
+                    </li>
+
+
+                    <li class="nav-header"><span>Usage</span></li>
+                    <li><a href="/docs/rest-api">REST API</a></li>
+                    <li><a class="icns-apple" href="#">iOS SDK</a></li>
+                    <li><a class="icns-android" href="#">Android SDK</a></li>
+                    <li><a class="icns-html5" href="/docs/html5-javascript-sdk">HTML5 / JavaScript SDK</a></li>
+                    <li><a class="icns-windows" href="#">Windows 8 / Windows Phone / .net SDK</a></li>
+                    <li><a href="/docs/nodejs-module">Node.js module</a></li>
+                    <li><a href="/docs/ruby-gem">Ruby gem</a></li>
+                    <li><a href="#">Ruby on Rails gem</a></li>
+                    <li><a href="#">PHP library</a></li>
+
+                    <li class="nav-header"><span>Internals</span></li>
+                    <li><a href="#">Design & Goals</a></li>
+                    <li><a href="#">Java Architecture</a></li>
+                    <li><a href="#">Cassandra Schema</a></li>
+                    <li><a href="#">Contributing</a></li>
+
+                    <li class="nav-header"><span>Operations</span></li>
+                    <li><a href="#">Deploying</a></li>
+                    <li><a href="#">Monitoring</a></li>
+                    <li><a href="#">Upgrading</a></li>
+                    <li><a href="#">Security</a></li>
+                </ul>
+            </div>
+        </div>
+
+        <div class="col-md-9 main-article" role="main">
+            <div class="page-article">
+                <div class="page-header">
+                    <h1>Basic query syntax</h1>
+                  <small><a href="https://github.com/timanglade/usergrid-site/blob/master/content/docs/basic-query-syntax/">contribute to this article on github</a></small>
+                </div>
+                <div class="toc">
+	<ul>
+<li>
+<a href="#basic-query-syntax">Basic query syntax</a><ul>
+<li><a href="#basic-syntax">Basic syntax</a></li>
+<li><a href="#supported-operators">Supported operators</a></li>
+</ul>
+</li>
+</ul>
+</div>
+<h1 id="basic-query-syntax"><a href="#basic-query-syntax">Basic query syntax</a></h1>
+<p>Queries of Apigee data for Apache Usergrid are made up of two kinds of statements: the path to the collection you want to query, followed by the query language statement containing your query. These two statements are separated by “?ql=” to indicate where the query language statement starts.</p>
+<blockquote>
+<p><strong>Note:</strong>Query examples in this content are shown unencoded to make them easier to read. Keep in mind that you might need to encode query strings if you’re sending them as part of URLs, such as when you’re executing them with the cURL tool.</p>
+</blockquote>
+<blockquote>
+<p><strong>Note:</strong> The syntax of Apache Usergrid queries only <em>resembles</em> SQL to make queries familiar and easier to write. However, the language isn’t SQL. Only the syntax items documented here are supported.</p>
+</blockquote>
+<h2 id="basic-syntax"><a href="#basic-syntax">Basic syntax</a></h2>
+<p>To retrieve items from a collection, you would use a syntax such as the following:</p>
+<pre><code>/&lt;collection&gt;?ql=&lt;query_statement&gt;</code></pre>
+<p>In the following example, the query is retrieving all users whose name is Gladys Kravitz.</p>
+<pre><code>/users?ql=select * where name = 'Gladys Kravitz'</code></pre>
+<p>The following example selects all items except those that have an a property value of 5:</p>
+<pre><code>/items?ql=select * where NOT a = 5</code></pre>
+<p>Note that there is a shortcut available when your query selects all items matching certain criteria – in other words, where you use a statement that starts “select * where”. In this case, you can omit the first part of the statement and abbreviate it this way:</p>
+<pre><code>/items?ql=NOT a = 5</code></pre>
+<h2 id="supported-operators"><a href="#supported-operators">Supported operators</a></h2>
+<p>The following table lists more of the operators that you can use in queries. Others are described later in this section.</p>
+<p>Category</p>
+<p>Component Name</p>
+<p>Example</p>
+<p>Equality operations</p>
+<p>Less than</p>
+<pre><code>'&lt;' or 'lt'</code></pre>
+<p>Less than equal</p>
+<pre><code>'&lt;=' or 'lte'</code></pre>
+<p>Equal</p>
+<pre><code>'=' or 'eq'</code></pre>
+<p>Greater than equal</p>
+<pre><code>'&gt;=' or 'gte'</code></pre>
+<p>Greater than</p>
+<pre><code>'&gt;' or 'gt'</code></pre>
+<p>Not equal</p>
+<pre><code>NOT &lt;some_expression&gt;</code></pre>
+<p>Logical operations</p>
+<p>Intersection of results</p>
+<pre><code>and</code></pre>
+<p>Union of results</p>
+<pre><code>or</code></pre>
+<p>Subtraction of results</p>
+<pre><code>not</code></pre>
+<p> </p>
+            </div>
+        </div>
+    </div>
+    <div class="row">
+        <div class="col-md-3"></div>
+        <div class="col-md-9">
+            <div class="github-callout">
+                <strong>Questions?</strong> Please do <a href="https://groups.google.com/forum/#!forum/usergrid">ask on the mailing-list</a>!<br/>
+                <strong>Found an error?</strong> We’d greatly appreciate a pull request about <a href="https://github.com/timanglade/usergrid-site/blob/master/content/docs/basic-query-syntax/">this article on github</a>.</div>
+        </div>
+    </div>
+</div>
+
+
+<footer class="bf-footer" role="contentinfo">
+    <div class="container">
+        <div class="row">
+            <div class="col-md-2">
+                <ul class="nav nav-list">
+                    <li class="nav-header"><a href="/">Home</a></li>
+                    <li class="nav-header"><a href="/community/">Community</a></li>
+                        <!-- <li><a href="/community#events">Events</a></li> -->
+                        <li><a href="/community/#mailing-lists">Mailing Lists</a></li>
+                        <li><a href="/community/#deployments">Deployments</a></li>
+                        <li><a href="/community/#committers">Commiters</a></li>
+                    <!-- <li class="nav-header"><a href="#">Docs</a></li> -->
+                </ul>
+            </div>
+            <div class="col-md-2">
+                <ul class="nav nav-list">
+                    <li class="nav-header"><a href="https://github.com/usergrid/usergrid/" target="_blank">Code</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/stack" target="_blank">Server Stack</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/portal" target="_blank">Admin Portal</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/ugc" target="_blank">ugc command line</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/ios" target="_blank">iOS SDK</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/android" target="_blank">Android SDK</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/html5-javascript" target="_blank">HTML5/JS SDK</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/nodejs" target="_blank">node.js module</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/ruby-on-rails" target="_blank">Ruby on Rails gem</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/ruby" target="_blank">Ruby gem</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/php" target="_blank">PHP SDK</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/java" target="_blank">Java SDK</a></li>
+                    <li><a href="https://github.com/usergrid/usergrid/blob/master/sdks/dotnet" target="_blank">.NET / Windows SDK</a></li>
+                </ul>
+            </div>
+            <div class="col-md-2">
+                <ul class="nav nav-list">
+                    <li class="nav-header">Resources</li>
+                        <li><a href="http://github.com/usergrid/usergrid" target="_blank">GitHub Code</a></li>
+                        <li><a href="https://issues.apache.org/jira/browse/USERGRID" target="_blank">JIRA Bug Tracker</a></li>
+                        <li><a href="http://stackoverflow.com/search?q=usergrid" target="_blank">StackOverflow</a></li>
+                        <li><a href="http://webchat.freenode.net/?channels=%23usergrid&uio=d4">IRC</a></li>
+                        <li><a href="https://twitter.com/usergrid" target="_blank">Twitter</a></li>
+                        <li><a href="http://incubator.apache.org/projects/usergrid.html" target="_blank">Podling Listing</a></li>
+                        <li><a href="https://github.com/usergrid/usergrid/blob/master/LICENSE" target="_blank">License</a></li>
+                        <li><a href="https://github.com/usergrid/usergrid/blob/master/stack#requirements" target="_blank">Getting Started</a></li>
+                        <li><a href="https://github.com/usergrid/usergrid/blob/master/stack#contributing" target="_blank">Contribution Guidelines</a></li>
+                </ul>
+            </div>
+            <div class="col-md-2"></div>
+            <div class="col-md-4">
+                <a class="twitter-timeline" href="https://twitter.com/search?q=%23usergrid" data-widget-id="401499136807038976"  data-related="usergrid" height="400px" style="overflow:hidden">Tweets about "usergrid"</a>
+                <script>!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0],p=/^http:/.test(d.location)?'http':'https';if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src=p+"://platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script>
+            </div> 
+        <!--
+            <div class="col-md-4">
+                <div class="input-group form-search">
+                    <input type="text" class="form-control search-query">
+                    <span class="input-group-btn">
+                        <button type="submit" class="btn btn-primary" data-type="last">Search</button>
+                    </span>
+                </div>
+            </div> -->
+        </div> 
+        <div class="row">
+            <div id="copyright">
+                <img src="/img/egg-logo.png" /><br/><br/>
+                <p>Apache Usergrid is an effort undergoing incubation at The Apache Software Foundation (ASF), sponsored by the name of Apache TLP sponsor. Incubation is required of all newly accepted projects until a further review indicates that the infrastructure, communications, and decision making process have stabilized in a manner consistent with other successful ASF projects. While incubation status is not necessarily a reflection of the completeness or stability of the code, it does indicate that the project has yet to be fully endorsed by the ASF.</p>
+                <p>Copyright © 2013 The Apache Software Foundation, Licensed under the Apache License, Version 2.0.<br>
+                Apache and the Apache feather logos are trademarks of The Apache Software Foundation.</p>
+                <p class="credits">Site designed & assembled with love by <a href="https://github.com/ryuneeee">@ryuneeee</a> + <a href="https://github.com/realbeast">@realbeast</a> + <a href="https://twitter.com/timanglade">@timanglade</a>.</p>
+            </div>
+        </div>
+    </div>
+</footer>
+
+<script type="text/javascript" src="/js/head.js"></script>
+<script type="text/javascript">
+    head.js("/js/jquery-1.10.1.min.js", "/js/bootstrap.min.js", "/js/usergrid-site.js");
+</script>
+<script type="text/javascript">
+    //IE outdate friendly warning if you don't want remove it
+    var $buoop = {vs:{i:8,f:3.6,o:10.6,s:3.2,n:9}}
+    $buoop.ol = window.onload;
+    window.onload=function(){
+        try {if ($buoop.ol) $buoop.ol();}catch (e) {}
+        var e = document.createElement("script");
+        e.setAttribute("type", "text/javascript");
+        e.setAttribute("src", "http://browser-update.org/update.js");
+        document.body.appendChild(e);
+    }
+</script>
+
+
+</body>
+</html>
\ No newline at end of file



Mime
View raw message