Not particularly. Instead of criticize your approach, I'll tell you how I would do it.
First, I'd use HTTP Basic or Digest authentication to log in the user. THis causes the browser to send full credentials on each request, so you don't have to bother with that or pollute your application interface with identity tokens. If you need to keep clear passwords off the wire, go with Digest. THis is not super security, but in lots of cases, it's plenty. Secondly, do your processing on a single GWT HTML host page. Now I can't design your application for you, but let's just say that the initial state of that page has a "View Inventory" button somewhere, and an empty panel somewhere that can hold a Table. Clicking the button results in an RPC request. Because you are authenticated, on the server side, the user's identity can be found via getUserPrincipal off the ServletContext. Now you know that "foobar" wants to see his inventory. Your database query will now dish up the correct set of inventory and your Service implementation will send back a collection of Inventory objects (not text, not XML) to your patiently awaiting GWT client, which will then proceed to construct a Grid or FlexTable and populate it with model data from the RPC request. How does that sound? Walden On Nov 11, 10:50 am, dondzes <[EMAIL PROTECTED]> wrote: > Here is a simple example of what I hope to do. A user inventory. Say > user foobar wants to see his inventory. I was thinking I would hash > his username to say xyz123 and then have the GWT app > fetchwww.acme.com/xyz123/inventory.txtand display the contents on the > pagewww.acme.com/inventory.html, this way each user could see their own > inventory by visiting the same page. Not sure what hashing methods I > have at my disposal yet. > > Is this a good approach ? > > On Nov 10, 8:16 am, walden <[EMAIL PROTECTED]> wrote: > > > > > You might be on the right track with cookies, but you might also be on > > the track of reinventing web security, and your mention of hashing the > > username to store private data makes me think this may be the case. > > How about giving a bird's eye view of what you are trying to build. A > > bunch of cookies is not a database, and it's not a security system. > > > On Nov 9, 3:15 am, rjcarr <[EMAIL PROTECTED]> wrote: > > > > You're probably on the right track with cookies. I don't see why you > > > wouldn't be able to test cookies in the hosted / shell mode. > > > > If the private data is sensitive, you'll want to be careful about > > > storing it. Alternatively, you could also store that information on > > > the server, but that will take knowledge of servlets and using some > > > kind of persistence. > > > > Good luck and welcome to GWT! > > > > On Nov 7, 7:07 am, dondzes <[EMAIL PROTECTED]> wrote: > > > > > I am new to web programming and GWT looks to be perfect tool for me to > > > > build web apps so I am excited about using it. I am still getting use > > > > to the restrictive nature of what you can do in the client and what > > > > J2SE classes are available for us. If it helps I am doign my > > > > development and testing with eclipse. > > > > > How do I test with cookie values ? Do I have to deploy to my real > > > > webserver in order to use cookie values in my app ? When I run my app > > > > in eclipse Cookies.getCookieNames returns an empty Collection, which I > > > > would expect. Can I load the GWT webserver or browser with cookie > > > > data ? > > > > > Assuming I can get the cookie data I need. How do I store and acces > > > > private user data. I am not sure what the proper web term but I was > > > > thinking I would creat some kind of hash of the username to make a url > > > > where that users private data could be stored and fetched by the GWT > > > > client app. Are there APIs for this sort of thing ? > > > > > Thanks > > > > David- Hide quoted text - > > > > - Show quoted text -- Hide quoted text - > > - Show quoted text - --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~----------~----~----~----~------~----~------~--~---
