On the server compare the user's session id that you placed in your payload to the servlets current session id. If they aren't the same throw a custom exception and catch it on the client's onFailure method. Don't use the request's cookies session value because it is vulnerable to hijacking. Instead, when your user logs in copy their session id to a cookie on the client. Every time you make an rpc call include the session id up to the server.
Jeff On Wed, Feb 23, 2011 at 3:25 PM, joe kolba <joekolb...@gmail.com> wrote: > My app is currently built around the Spring framework and Spring Security + > GWT. Is there any way for me to redirect to login when a session expires or > when the user makes a RPC request when the session has expired? I was > thinking about creating a timer that tracks the time between RPC calls, once > the timer has gone above the allocated time I could do a Window redirect. > Any suggestions? > > -- > You received this message because you are subscribed to the Google Groups > "Google Web Toolkit" group. > To post to this group, send email to google-web-toolkit@googlegroups.com. > To unsubscribe from this group, send email to > google-web-toolkit+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/google-web-toolkit?hl=en. > -- *Jeff Schwartz* http://jefftschwartz.appspot.com/ follow me on twitter: @jefftschwartz -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to google-web-toolkit@googlegroups.com. To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
