I've seen some pretty heated debates around the discussion boards about this, but I haven't seen a solution that people decide on.
Simply put, any application that I want to write will likely perform some sort of mashup between other services, like Twitter. For me to do anything interesting, I need the user to enter their Twitter username and password into a GWT client-side control on my site, which I then send back to my app on running on GAE. I'll then use the password to log into Twitter with their credentials and do whatever if is I want to do, all the while not saving the users password in plain text anywhere. I have no interest in holding onto anyone's credentials. So what is the best way for me to do this? I am hearing people say that anything short of HTTPS is a waste of time. I guess this also becomes the larger issue of authentication generally, and I'm surprised there are still such heated discussions on the subject. I thought it'd be a done deal by now. So, if anyone could point my in the right direction, in the context of GWT+GAE, I'd much appreciate it. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to Google-Web-Toolkit@googlegroups.com To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~----------~----~----~----~------~----~------~--~---