Hey guys, I am developing a GWT application that requires login and I am using GWT RPC. I implemented a simple login/session feature that is handled with calls to the database to verify the authenticity of the session ID.
I know that this is not efficient, but i am hesitating to use HTTPSession because i didn't find good information about its use with GWT. So, my question is: Should I use HTTPSession? I have the feeling that everything would stay only at memory and that could make the application less robust. I have concerns regarding security so I intend to use a HTTPS connection. Is that enough to prevent forged requests? I am just getting started with web development, so any links and explanations would be very useful. I already looked the following links about this subject: http://groups.google.com/group/Google-Web-Toolkit/web/security-for-gwt-applications?pli=1 http://code.google.com/p/google-web-toolkit-incubator/wiki/LoginSecurityFAQ Thanks in advance! -- Renato Beserra Sousa Brazil -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
