Oh. Now I got it. Thank you. I thought that making two files would also mean that there were two compiled javascripts, and the admin one could be protected with tomcat policy.
So, now I'm on this. I have a RPC LoginService that send me back a SessionID and a true boolean if it goes well, or it invalidates my Session using getThreadLocalRequest().getSession().invalidate(); If the boolean is true, the adminPanel is attached to the RootPanel. In the AdminPanel there's a fileUpload widget and more. When i try to upload a file, i send to the Java Plain Servlet that handles upload also my SessionID got from the RPC. Now, the UploadServlet checks if the two Sessions are the same, and works only if the result of the comparison is true. Is this a possible way to "secure" data like you said in your post before? Or is mine a stupid rambling speech? Thank you for your time and advice Nickelnext --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~----------~----~----~----~------~----~------~--~---
