XSRF Initial Token Generation

2011-07-15 Thread batosai
Hi , I am trying to add XSRF protection to my app using the newly introduced method in 2.3 http://code.google.com/webtoolkit/doc/latest/DevGuideSecurityRpcXsrf.html , but I was wondering when and where is the value of the cookie (not the token) gets generated or set. I know that the token is gene

Re: Anybody has simple way to get Token when implement XRSF protection.

2011-07-12 Thread batosai
What would happen in the case of a load balancer and rpc requests switching from one server to another from the same client , is sticky sessions required ? On Jul 6, 4:32 pm, David Chandler wrote: > Hi Joey, > > The XSRF token is stateless so you only need to call the XsrfTokenService > once per

Re: best practices for gwt caching

2009-02-18 Thread batosai
Thanks shawn for the feedback. I know that there are files like the *.cache.* files produced by the compiler with hash values that are unique for every build. So we can cache them for a long time using http server (apache in my case ) by setting the cache-control header for a max age for a year or

best practices for gwt caching

2009-02-17 Thread batosai
I am working on optimizing my gwt app performance and I was looking at caching among other things. But I noticed that there are only a few posts that address the best practice of caching for GWT apps. (e.g. etags , mod_expires) I wanted to start a discussion on the matter and I would appreciate