BlackBerry Webworks Facebook Post

Facebook integration with an Webworks app, can be a really tricky matter. If you ever tried this you’ve noticed that the Facebook JavaScript SDK, don’t work in the widget and also that the Facebook BlackBerry SDK, is intended for JDE project and also don’t work on a Webworks project.

The best thing that I’ve found in the web that partially solved this, was to use ChildBrowser-plugin-for-BlackBerry, that maybe it used to work, but since some new modifications in the Facebook API, it doesn’t work anymore…

Actually with the ChildBrowser-plugin-for-BlackBerry, I was able to login and retrieve the token using the Torch 9800 simulator, but it just didn’t work for the Bold( device or simulator), so I needed to dive more deeply into it.

I’ve notice this plugin used a BrowserField to connect to Facebook and that it make no sense that it worked on the Torch simulator and not on Bold.

On the Bold device, when I tried to login, it just refreshed the page and didn’t login adding some Security notice.

Since the login worked on any other desktop browser, I’ve opened a sniffer and looked at how was the communication between the browser and Facebook.

Then I’ve also debugged the webworks app and noticed that the only difference between them were that the BlackBerry app was sending an x-wap-profile and maybe this was the reason why Facebook was rejecting the communication.

To be able to set those headers, I needed to create my own ProtocolController, and by doing this I could trick Facebook to think that actually it was a Desktop browser trying to connect. I’ve also had to implement the ability to store and send cookies, and after doing that I was able to connect to Facebook and actually retrieve the token.

Since I used the ChildBrowser-plugin-for-BlackBerry, I think that it’s only fair that I also share my progress, and so you can download it from here BlackBerry-Webworks-Facebook-Post


Best regards,

Daniel Botelho

J2ME References


So I’ve started developing for J2ME devices and I’ve noticed that there aren’t many information around, so I’ve decided to start bookmarking some useful links.


Image Manipulation


Blackberry Javascript Extension using an external library

I have a BlackBerry WebWorks project that needed to use Omniture reporting. Since Omniture already have an library for BlackBerry, I’ve decided to create an JavaScript Ext that would expose that functionality to the web application.

The only thing that you need to do differently from creating another regular JS Ext is that you need to include a new “<dependencies>” tag in the library.xml file, with the relative location of the external library.
Here it’s the example:

   <feature id="xxx" version="1.0.0" >XXX</feature>
   <jar path="omni.jar" />

Protect your clients: Save hashed passwords in your database!

I’m always surprised when I open my Feed reader and over and over again I stumble upon another report saying that some website store users passwords in plain text and that those passwords got exposed.

Now, why do you need to store those passwords in plain text?

Just hash them in the database and when some user tries to login into your site, hash the password that he gave you and try to match it with the one that is stored in database.

Now if someone cracks your database security the users will not be harmed because they don’t get access to theirs passwords (at least in plain text)!

If you want to add an extra protection, append a “salt” string to the users password and hash the new string all together. (This is how it’s done in symfony sfGuardPlugin