Actually my applications authentication is done by a third party. I need to call their API to authenticate. So I wont b able to use the HTTP authentication. But I think, Lothar's idea is worth trying. Thnx Lothar.
If anybody has any better suggestions plz post it here. - Litty On Tue, Nov 18, 2008 at 9:04 PM, olivier nouguier < [EMAIL PROTECTED]> wrote: > > I agree with walden in most case ... if classic HTTP auth is enough > let HTTP do the job !! > > But there is IMHO somes points hard to deal with only HTTP (and GWT > component of course): > * session expiration, because the GWT RPC will fail soon (401). > * forbiden because the GWT RPC will fail soon (403). > * activation of widget when authority is granted. > * logout (not possible with HTTP Basic). > > > > On Tue, Nov 18, 2008 at 3:53 PM, walden <[EMAIL PROTECTED]> > wrote: > > > > You could try the simplest thing that could possibly work...HTTP > > Authentication: let the existing security stack earn its keep. > > > > Walden > > > > On Nov 18, 6:52 am, "Litty Preeth" <[EMAIL PROTECTED]> wrote: > >> Hi All, > >> > >> What should be the best authentication ans session management in GWT > apps? > >> Currently I am having this idea: > >> > >> - Have a method checkSession() which will check for a valid > authenticated > >> session and throws an Exception if no valid session is there. > >> - Call this method in the beginning of every ServiceImpl method. > >> - In the onFailure of the async call backs catch this Exception and > >> display the login page. > >> > >> But this method has the following weak points: > >> > >> - Some developer may forget to call the checkSession method. > >> - There is code duplication in the onFailure implementation (Every > >> onFailure shud handle the authentication exception) > >> > >> So any of you have any better ideas? > >> > >> Regards, > >> Litty Preeth > > > > > > > > > -- > Si l'ignorance peut servir de consolation, elle n'en est pas moins > illusoire. > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~----------~----~----~----~------~----~------~--~---
