Correct.  I lean to the pessimistic side for most of my apps.  I did not
implement a "remember me" feature.

If I was developing gadgets/etc. I would not be so pessimistic.  Most of my
apps are authenticating via ldap so users must already belong to our
community and viewing/editing employee or student information.

-W

On Thu, Jun 21, 2012 at 2:10 PM, Nikola Markovic <[email protected]>wrote:

>
>
> On Thursday, June 21, 2012 4:54:42 PM UTC+2, Williame wrote:
>
>> When a user authenticates the first time in the server side session I add
>> a couple of attributes that are never visible client side.  On any
>> subsequent request to the server within my servlets I check to see if the
>> session is null or not, then also are these special session attributes set.
>>  if not set I consider it an invalid, unauthorized request and kick them
>> out of the app, back to the login screen.
>>
>> What if the user logs in and shuts down the browser and turns it back on
> ? Even though you logged in just a minute ago, you will be logged out, if I
> understood your approach correctly.
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Google Web Toolkit" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/google-web-toolkit/-/WLpGllHAsyUJ.
> To post to this group, send email to [email protected].
> To unsubscribe from this group, send email to
> [email protected].
> For more options, visit this group at
> http://groups.google.com/group/google-web-toolkit?hl=en.
>



-- 
William Eubank
Sr Software Development Lead
VBRH, M-1F
i.t. solutions
256-824-5375
[email protected]

****No trees were harmed in sending this message but a few electrons were
mildly inconvenienced.****

-- 
You received this message because you are subscribed to the Google Groups 
"Google Web Toolkit" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to 
[email protected].
For more options, visit this group at 
http://groups.google.com/group/google-web-toolkit?hl=en.

Reply via email to