On 03/05/2010 09:57 AM, Marley wrote: > > > On Mar 5, 11:17 am, Chris Lercher <[email protected]> wrote: >> I personally wouldn't expect an authentication/authorization component >> from a client side framework. Especially, because the login/logout >> often happens outside the context of the GWT app. > > Often is not always. The GWT app needs to know about login/logout > though. > > >> Security can only be provided by the server. > > Not sure i fully understand what you are getting at here. Yes, your > data is coming from the server, just as all data from a web > application which does anything. The client still needs to know > various things about who is logged in and what they can see. > > >> >> Yes, you're right, the GWT documentation (or some blog somewhere) >> could provide an example how to set things up for different scenarios >> (note that there _is_ documentation on this for AppEngine in the GWT >> tutorial! And it involves only a few steps.) > > GWT does not have to be used as part of the AppEngine. > > From my perspective, security bridges both the client and the server. > Right now it is very painful to implement and feel good that you > covered all the basis. IMO, the whole point of a Web Application > Framework is to simplify development. Authentication/Authorization is > currently a pain in the ass to deal with and I do not see why it needs > to be. >
Application implementation features are so sufficiently disparate that they discourage specific toolkit implementations. -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
