walden schrieb: > However, I'm suggesting a simpler approach, one which I'm using on my > project, which is simply configuring your server to protect the > resources you want protected using HTTP Digest authentication. > Depending on what your server is, find the documentation on > configuring that. There's not a whole lot more to it.
HTTP Digest authentication has the same problem like Session-IDs in Cookies. A browser automatically transfer the authentication- credentials for every request, so you're in danger of successful cross-site-attacks. Regards, Lothar --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to Google-Web-Toolkit@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~----------~----~----~----~------~----~------~--~---