Hello! We have implemented an RPC-based authentication system in which browser sessions are authenticated and initialized by way of an RPC request. The RPC response contains a set-cookie header with the new JSESSIONID. This cookie (presumably) is sent to the server in subsequent RPC requests and is used by Tomcat to bind the HttpSession to the request. We validate the session id by sending it up in the payload of the request, per GWT team's recommendations. This all works fine and dandy on all browsers (chrome, ie 6/7/8, ff 2/3, safari 3) EXCEPT for Safari 4 Developer preview and the latest webkit nightlies. It appears that webkit refuses to abide by the Set-Cookie directive in the XHR response to the call to our login service. Has anybody else encountered this? Thoughts?
Thanks! --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~----------~----~----~----~------~----~------~--~---
