Jeff, Yeah I have a working prototype of that working now. The route we've decided to take though is to have a developer mode and if set a request filter will auto authenticate allowing direct connection to GWT EntryPoint URLS with gwt.codeSvr included.
Thanks for all your help Jeff. -Adam On May 26, 10:14 am, Jeff Chimene <jchim...@gmail.com> wrote: > Hi Adam: > > I get what you're saying. > > Do you have control over the logout hook? If so, why not add some > intelligence that copies the gwt.codesvr parameter if it exists in the URL? > I don't see any security implications here (perhaps I'm not sufficiently > caffeinated) > > On Wed, May 26, 2010 at 5:25 AM, Adam <ambr...@gmail.com> wrote: > > Jeff, > > > Thanks for the quick response. Yes, basically if you follow the > > normal application flow you loose the gwt.codesvr parameter and > > therefore the debug module logic doesn't work. > > > As for the authentication, we do authenticate people outside of GWT. > > Our login process is actually done via struts. The issue is we have > > web filters that redirect a user to the login page if they're not > > authenticated yet. At the point of the redirect the gwt.codesvr is > > lost. Honestly I think we shot ourself in the foot with the > > javascript snippet that doesn't allow us to navigate away from the > > page. Even if you're putting the same URL in the location bar as > > shown it'll log you out. > > > Thanks for the code examples, I'll let you know what I end up doing. > > > -Adam > > > On May 25, 10:34 pm, Jeff Chimene <jchim...@gmail.com> wrote: > > > On 05/25/2010 01:14 PM, Adam wrote: > > > > > Hey Gang, > > > > > I'm having an issue with DevMode working properly. We're using > > > > noserver option and instead connecting to our JBoss application. I've > > > > configured the GWT Plugin in Eclipse to point to our entrypoint page. > > > > The issue is that container security redirects us to authenticate to > > > > the application. This in itself isn't really an issue because I can > > > > re-paste the link in the browser after authentication and I should be > > > > at my entrypoint. The issue is we do not allow the user to navigate > > > > away from our app without logging out. This is done through a simple > > > > javascript hook that posts to a logout if you try to change the URL in > > > > the location of the browser. The only way around this I've found is > > > > to use a browser with "Tab" support and login on one tab and then > > > > navigate to the GWT entrypoint including &gwt.codesvr= in another > > > > tab. > > > > > Ideally I'd like to be able to login and navigate to my entrypoint > > > > from within the app and have the debugging take place when I hit the > > > > GWT module. The issue is that &gwt-codesvr is lost once you start to > > > > click around on the application. > > > > > -Adam > > > > By "... click around on the application" I assume you mean the URL > > changes. > > > > You have to preserve the gwt.codesvr parameter on each URL. This isn't > > > difficult. > > > > I have a stand-alone login page that redirects to the GWT entrypoint. > > > The login page transmits the url to the GWT entrypoint. > > > > <script> > > > function getQueryVariable(variable) { > > > var query = window.location.search.substring(1); > > > var vars = query.split("&"); > > > for (var i=0;i<vars.length;i++) { > > > var pair = vars[i].split("="); > > > if (pair[0] == variable) { > > > return pair[1]; > > > } > > > }} > > > > </script> > > > </head> > > > > <body> > > > <form id='loginForm' action='cgi-bin/authenticate.cgi' > > > onsubmit="document.getElementById('gwt.codesvr').value=getQueryVariable('gwt.codesvr'); > > > return true;"> > > > <input type="hidden" name='gwt.codesvr' id='gwt.codesvr'/> > > > <span class="label">Username</span> > > > <input type="text" size='30' maxLength='50' id='username' /> > > > <span class="label">Password</span> > > > <input type="password" size='30' maxLength='50' id='password' /> > > > <input type="submit" value="login" /> > > > </form> > > > > I think the consensus is to perform authentication outside the GWT > > > environment. When authentication fails, you can have a lightweight GWT > > > session that redirects to the login page. By lightweight I mean to use > > > codesplitting or GIN to lazy-load the bulk of the application after > > > successfully authenticating. > > > > if (<<NOT AUTHENTICATED>>) { > > > UrlBuilder urlBuilder = Window.Location.createUrlBuilder(); > > > urlBuilder.setPath(CONSTANTS.urlLogin()); > > > if (null != Window.Location.getParameter("gwt.codesvr")) { > > > urlBuilder.setParameter("gwt.codesvr", > > > Window.Location.getParameter("gwt.codesvr")); > > > } > > > Window.Location.assign(urlBuilder.buildString()); > > > return; > > > > } > > > -- > > You received this message because you are subscribed to the Google Groups > > "Google Web Toolkit" group. > > To post to this group, send email to google-web-tool...@googlegroups.com. > > To unsubscribe from this group, send email to > > google-web-toolkit+unsubscr...@googlegroups.com<google-web-toolkit%2bunsubscr...@googlegroups.com> > > . > > For more options, visit this group at > >http://groups.google.com/group/google-web-toolkit?hl=en. -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to google-web-tool...@googlegroups.com. To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.