Yes, you are right the correct plugin is Grails Acegi. My mistake. Thanks CK.
--- Felipe Marin Cypriano Vitória - ES http://www.linkedin.com/in/felipecypriano On Wed, Feb 25, 2009 at 11:46 PM, CK <[email protected]> wrote: > Just a few quick notes: > 1) JSecurity uses the JSecurity framework. Grails Acegi plugin uses the > Acegi security framework, which is now called Spring Security. > > 2) You can configure session timeout either directly in the Session object > (retrieve it using getSession() in a controller or access to the session > object in a grails controller) or you can configure it for the entire web > app in the web.xml. There is a web.xml session timeout setting you can use > set. > > Whenever an ajax request hits the server and whenever you access the > session, it should automatically renew your session expire lease. These > ajax requests should be no different than a normal request to the server > requesting for a page. You can also manually force a session refresh > through the use of a Servlet Filter. > > On the client side using RPC, I have a defined LoginTimeoutException that > gets thrown for any RPC request that comes in after a session expires. The > RPC onFailure() will specifically check this exception and cause the browser > to reload the web page. This reload will then force the user to the login > page again. > > You can also have the client pop up a login dialog requesting for a > relogin. Submitting this login request should reauthenticate the user and > then recreate a new session. > > Hope this helps > -ck > > On Feb 25, 2009, at 8:45 AM, Felipe Cypriano wrote: > > I'm thinking in using Grails (JSecurity Plugin, which "is" Spring Security) > with GWT as the interface. Have you tried this? > > I haven't tested this yet, but the session expiration is a issue using GWT? > For example, the timeout for a session is 30 minutes, everytime GWT does an > "ajax" request the timeout counter is restarted or every 30 minutes with the > user didn't do a refresh (old school request) the session will expires? > > > Thanks, > > --- > Felipe Marin Cypriano > Vitória - ES > http://www.linkedin.com/in/felipecypriano > > > On Wed, Feb 25, 2009 at 6:14 AM, David <[email protected]> wrote: > >> >> I've added additional information (examples mainly) and will upload a >> jar ASAP in order to make it easy to test. >> >> And do not hesitate to give me feedback. >> >> David >> >> On Feb 22, 4:13 pm, jossey <[email protected]> wrote: >> > Hi David, >> > I really appreciate you sharing this. >> > Thanks. >> > >> > On Feb 19, 3:03 pm, David <[email protected]> wrote: >> > >> > > Hi everyone, >> > >> > > This is my second message promoting something I've put in my "GWT test >> > > area" :) I hope you'll find it useful : It may help people to >> > > integrate Spring Security with GWT applications in a clean (that's my >> > > non-objective POV ! :)) way. >> > >> > > Here is a small introduction on how it works ; a more detailed >> > > description is available on code.google.com. See the link at the end >> > > of this message. >> > >> > > First thing : it uses GWT-SL to use simple Spring beans to serve RPC >> > > calls. I've extended the original GWTHandler in order to provide a >> > > convenient way to manage Security exceptions. I've also provided a >> > > specific ExceptionTranslationFilter that can deal with security >> > > exception too. >> > >> > > With these two parts, people can handle both URL filtering and AOP >> > > strategies. >> > >> > > As usual, feel free to post your comments, I'll really appreciate your >> > > feedback. >> > >> > > Here is the URL of the Google Code's project : >> http://code.google.com/p/gwt-incubator-lib >> > >> > > David >> > >> > >> >> > > > > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~----------~----~----~----~------~----~------~--~---
