I'm just chiming in to this, so this means with REST you have to send the whole state back and fourth between client and server on every request/response. So what does REST say about bandwidth, it's not a problem?
Cheers, /marc On Wed, 21 Apr 2010, Thierry Boileau wrote: > Hi Matt, > > from what I see, the authenticator just have to check the presence of the > user principals (set by GAE) in the authenticate(Request, Response): > !request.getClientInfo().getPrincipals().get(0). > > You can provide a verifier in order to check that the application knows the > user identified by the principal name (actually the user's mail) and set the > clientInfo#user. > > Best regards, > Thierry Boileau > > ------------------------------------------------------ > http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2591291 > ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2591738