Hi, Just wondering if my following authentication method is correct or not. Is there any pitfall or anything missing? Suggestions and discussions are very welcome.
1> User type user name and password, and send to the server by RPC. Comparing with the hashed value stored in DB. 2> Assuming the user name and password are accurate, an Auth Token is saved in session. The auth token will be checked when accessing the servlets. 3> The user id (integer) is returned to the client by RPC onSuccess. The user id is saved in a static variable on the client side. 4> Whenever the user specific information is needed, the rpc call with the user id (the static variable) will be sent from the client. Thanks -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/google-web-toolkit. For more options, visit https://groups.google.com/groups/opt_out.
