Total agreement with Arjan's point about stateful client/stateless server, i.e., manage session on the client.
I'd go further and say that if the goal of all this session object access is authorization, then you can get even leaner and more "webby" by letting the browser and the web server manage that via HTTP standards. I think it's a shame that application designers are having to deal with auth info at the application layer. It messes up design, and by virtue of being bespoke and unique on every project, it opens up security holes. Walden On Sep 15, 3:34 am, arjanDOTTYbroerATgmailDOTTYcom <[EMAIL PROTECTED]> wrote: > One of the beatiful things of GWT is that you do not need a server > side session. You can make the server stateless and keep track of > application state at the client side. So if you need an object set > after login, just save it in your entery point or in a global > accessible object (static). > When ever you want to authorize user actions at the server, pass only > a token. At login return a token from the server to the client. Make > sure to save this token in a table on the server. Then whenever a user > performs a request, send the token along with the request and validate > the token on the server side. > This way your server is stateless and very fast. In a cluster you are > not bound to a specific server and that has all kinds of advantages. > > Or to keep it short: track state at client. > > Regards, > Arjan > > On 15 sep, 07:43, "Manik Chand" <[EMAIL PROTECTED]> wrote: > > > > > Hi, > > > Your question is not clear. > > Please write in detail. > > You are asking: - How to save Object in Session? > > > for storing any object in session you have to access HttpSession Object. > > To do that use following code. > > HttpSession sessionObj = getThreadLocalRequest().getSession(); > > > And now if you need Object at client then you should write > > method in the class which extends "RemoteServiceServlet"; > > > But that object must be serialized other wise you cant get that object. > > > On 9/15/08, Sebastien <[EMAIL PROTECTED]> wrote: > > > > On client side, you can use a static variable to store your data. > > > > On 15 sep, 05:32, "Ian Petersen" <[EMAIL PROTECTED]> wrote: > > >> On Sun, Sep 14, 2008 at 11:00 PM, hezjing <[EMAIL PROTECTED]> wrote: > > >> > What I want is how to access the session from the client code? > > > >> Impossible. The session exists on the server only. > > > >> Ian > > > -- > > Manik Chand > > Software Engineer > > Exact Software Pvt. Ltd. > > 403, 4th Floor, Accord Complex, > > Station Road, > > Goregaon(East), > > Mumbai - 400063 > > Cell No. : +91 9220984430www.exact-solutions.com- Hide quoted text - > > - Show quoted text - --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~----------~----~----~----~------~----~------~--~---
