The only way to getting around passing session informartion back and forth between the client and the server would be to have a statefull server and client. It would also mean that your app would be far from secure as no form of authentication can be done on the requests that go back and forth (in fact, user identification has to be done on calling IP then I think).
So if you want to have some control over who does what, you will need to at least generate a session-ID to send along. All the server has to do is authenticate the user somehow, create a session, send the id to the client. The client can then send the ID along with all requests to identify itself. Be careful NOT to rely on cookie data from the client for the session-ID as this will make you vulnerable for Cross Site Request Forgery (XSRF being the term in short), however, for a chat app that does not seem to much of an issue. Some work has already been done on this, have a look at this for an elegant and secure solution: http://code.google.com/p/google-web-toolkit/wiki/RpcAuth Hope this helps. Patrick On Nov 18, 10:50 pm, str16star <[EMAIL PROTECTED]> wrote: > Thanks, your advise helped me solve the problem in 5 min. > > The code I was trying to call returns information about the user by > searching a database for a row with an id number that is set in the > session information and returning the data on that row. > > I've now put the search method in a class external to both Servlets, > so they can each call it (Never heard of a DAO before your message, so > thats my starter attempt). The only problem is that each time it's > called the method calling it has to get session information to pass to > it. Its only a couple of repeated lines in each servlet so I can live > with it but it's a little clumsy. > > Any suggestions? > > If not thanks again for the help. > > On Nov 18, 8:40 pm, walden <[EMAIL PROTECTED]> wrote: > > > Factor your server code. Service "Impls" are Servlets; you don't > > instantiate them. So take the parts that are needed by Chat (which > > are probably data access methods, right?), factor those out into a DAO > > object (not a Servlet), and call that from both "impls". > > > On Nov 18, 7:46 am, str16star <[EMAIL PROTECTED]> wrote: > > > > Hi, > > > I'm just getting started with gwt and java, so this is probably quite > > > a simple question. > > > > I am building an app that has an RPC service called UserManagement so > > > the server side code is in UserManagementImpl > > > > I also have an RPC service called Chat. The ChatImpl class needs to > > > call methods from UserManagementImpl but any instances I try to create > > > of UserManagementImpl are always null. > > > > I'm using the following line of code in ChatImpl: > > > UserManagementImpl user = new UserManagementImpl(); > > > > I've tried it with an empty constructor method for UserManagmentImpl > > > and without. > > > > I can post more code if required. > > > > Any help appreciated. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~----------~----~----~----~------~----~------~--~---
