Sorry Walden. That was meant as a joke really, as well as do exactly what was expected - grab your attention by seeing a "Walden hates..." :) . Call it advertising of my message :). I didn't meant for you to actually hate something. Reading your messages I did gather you were talking about the right design and how developers in general aren't aware of this. I did want to state up front though that the reason I might not be able to use the approach for those mentioned above. However, I still would be interested to know on how to implement this so that I can be aware for future work. Again, sorry, if I came across as rude.
Any ideas on the original question though? Suri On Oct 23, 8:15 am, walden <[EMAIL PROTECTED]> wrote: > Wow. I'm reading through the messages and out of nowhere I suddenly > see "Walden hates....". > > Allow me to clarify. I don't "hate" anything you're doing in your > project. It's not my problem. I have observed mucho complexity in > the discussions here on how to do basic security stuff, and I think > I've observed that most people are like you: they have somehow been > weaned directly to the conventional but non-standard approach to web > security, without even knowing what the standard is or that it > exists. That seems a little out-of-kilter to me. It's as if I saw > someone in the supermarket trying to hold a dozen or more items in > their arms, unaware that there are shopping carts and baskets > ''designed for the purpose''. > > Sometimes a paradigm shift makes sense; sometimes it don't [sic]. > Your project: you decide. > > Walden > > On Oct 22, 10:03 pm, Suri <[EMAIL PROTECTED]> wrote: > > > Hey all, > > The Struts 1.1 app that I already have running currently validates a > > user's information from the session and based on that view/modify > > privileges are determined. Since now I'm trying to implement a GWT > > module within this application, I'd ideally like for the GWT code to > > be able to somehow call the already existing session data and the > > validation logic available in the Struts application (the logic has > > been set as part of the main Action class that is the parent for all > > Actions) . > > > 1) I see that using the getLocalThreadRequest() I could obtain the > > HttpServletRequest. So using this, can I get the session information > > (User object) and ultimately call upon the action (simply create an > > instance to call upon the action class) and pass the session > > information for validation? > > > 2) I also saw that the processCall can be overridden and I saw some > > people trying to create a way to be able to have the > > RemoteServiceServlet act as a by-way for the request to reach the > > custom framework. Would this be a better way overall to try to > > maintain the framework of the Struts application? If so, would this be > > similar to (1) where I create an instance of an action and call the > > method by passing the request,response arguments? or is there a more > > elegant way of doing what I want to do? So, this way the rest of my > > logic could go into the Action as well keeping the framework intact > > while the RemoteServiceServlet really acts as a bridge between teh GWT > > UI and the Struts framework. > > > Thanks for any information. From the reading I have gathered that > > Walden hates what I'm trying to do and would possibly suggest HTTP > > digest as an approach at some point :). I'd have to say > > 1) i have no clue about the method, ashamed to say it but true. > > 2) It probably would be deviating from the way my application > > currently validates and what I'm trying to do is make that > > consistent. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to Google-Web-Toolkit@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~----------~----~----~----~------~----~------~--~---