Use a framework to manage security concern, for example Spring Security. This framework use HttpSession for example
2011/5/26 Renato Beserra <[email protected]> > Hey guys, > > I am developing a GWT application that requires login and I am using GWT > RPC. I implemented a simple login/session feature that is handled with calls > to the database to verify the authenticity of the session ID. > > I know that this is not efficient, but i am hesitating to use HTTPSession > because i didn't find good information about its use with GWT. > > So, my question is: Should I use HTTPSession? I have the feeling that > everything would stay only at memory and that could make the application > less robust. > > I have concerns regarding security so I intend to use a HTTPS connection. > Is that enough to prevent forged requests? > > I am just getting started with web development, so any links and > explanations would be very useful. > > I already looked the following links about this subject: > > > http://groups.google.com/group/Google-Web-Toolkit/web/security-for-gwt-applications?pli=1 > > http://code.google.com/p/google-web-toolkit-incubator/wiki/LoginSecurityFAQ > > > Thanks in advance! > > -- > Renato Beserra Sousa > Brazil > > -- > You received this message because you are subscribed to the Google Groups > "Google Web Toolkit" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/google-web-toolkit?hl=en. > -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
