Then it seems possible, though perhaps hairy to make it work with a fat client app. Since login verfication is still done serverside, the fat client just launches some form of browser (say, embed a WebView in android) to let the user log in, and verifies successful login at the server using whatever communication protocol the fatC-S uses. Iirc, you can hook javascript functions into an android WebView, so you'll even get the callback when the user logs in. No clue how flexible other mobile-OSes are, but if they don't support easy access to browsers, and if the OpenId login pages depend on javascript it can get quite hairy.
Gert On Jun 24, 2:19 am, Gabriel Guerrero <[email protected]> wrote: > There is no problem to implement openId in gwt, we did in our project, > (we support normal login and openId) what we do is at the login page > the login submit button opens a open id web site in a new window when > the user finish the login in the new window open id provider calls > back a user page in our new window that uses a js close the new window > and call a js in the original window that reloads that page, the > server checks the login and forwards to the proper gwt page, for > relogin process is similar but because the gwt app is already loaded > we have a gwt dialog similar to the login page that again opens the > openid provider login page in a new window (so state of the app is not > lost), the gwt app has a jsni method to reload the user this method is > called by the new window when the login is successful > > Cheers > Gabriel > > On Jun 23, 3:36 pm, Mark <[email protected]> wrote: > > > >> why couldn't you implement it [OpenID] in a fat client if you so desired > > > Not saying I'm an expert with OpenID, but basically OpenID requires on > > the ability for the user to be redirected to an OpenID provider site > > for authentication. Example: I go towww.mysite.com, and instead of a > > login form, I just see: > > > "Login using your google, yahoo, myspace or xyz account" > > > I click on one of the above buttons. Now (depending on the provider) I > > will get redirected to their website to enter my authentication info. > > So if I'm a gmail user, I'd get redirected to a google login page. > > After entering my info, I get redirected again back towww.mysite.com. > > Google returns some user token info identifying me now. > > > On a thick-client, the redirection isn't possible, I mean I could ask > > for the user's authentication info directly, but I doubt many people > > would trust doing that! The OpenID kind of relies on being able to > > redirect the user and seeing in the address bar that they're > > authenticating with their real provider, not some phishing site. > > > Thanks > > > On Jun 23, 3:26 am, gscholt <[email protected]> wrote: > > > > On Jun 23, 4:13 am, Mark <[email protected]> wrote: > > > > > The bigger problem for me is that I am using GWT to make the web-app > > > > portion of a larger app, which can also be accessed from iPhone/ > > > > Android/BB thick-clients. In those cases, I cannot useOpenID, and > > > > would hate to support more than one login system. For example, my web > > > > clients would useOpenID, Android/iPhone/BB clients would sign up > > > > using an old-style new username/password system. Maintaining that > > > > would be kind of annoying I think. > > > > Well, asking users to log in to the same system using different > > > accounts seems wrong indeed :) > > > Not knowing much aboutopenID, why couldn't you implement it in a fat > > > client if you so desired? > > > > Gert > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~----------~----~----~----~------~----~------~--~---
