Use a framework to manage security concern, for example Spring Security.
This framework use HttpSession for example

2011/5/26 Renato Beserra <[email protected]>

> Hey guys,
>
> I am developing a GWT application that requires login and I am using GWT
> RPC. I implemented a simple login/session feature that is handled with calls
> to the database to verify the authenticity of the session ID.
>
> I know that this is not efficient, but i am hesitating to use HTTPSession
> because i didn't find good information about its use with GWT.
>
> So, my question is: Should I use HTTPSession? I have the feeling that
> everything would stay only at memory and that could make the application
> less robust.
>
> I have concerns regarding security so I intend to use a HTTPS connection.
> Is that enough to prevent forged requests?
>
> I am just getting started with web development, so any links and
> explanations would be very useful.
>
> I already looked the following links about this subject:
>
>
> http://groups.google.com/group/Google-Web-Toolkit/web/security-for-gwt-applications?pli=1
>
> http://code.google.com/p/google-web-toolkit-incubator/wiki/LoginSecurityFAQ
>
>
> Thanks in advance!
>
> --
> Renato Beserra Sousa
> Brazil
>
> --
> You received this message because you are subscribed to the Google Groups
> "Google Web Toolkit" group.
> To post to this group, send email to [email protected].
> To unsubscribe from this group, send email to
> [email protected].
> For more options, visit this group at
> http://groups.google.com/group/google-web-toolkit?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Google Web Toolkit" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to 
[email protected].
For more options, visit this group at 
http://groups.google.com/group/google-web-toolkit?hl=en.

Reply via email to