I think the reason it is "left as an exercise" is because each servlet container handles authentication differently. The basic concept is to secure your servlet calls in one way or another, typically defined in the web.xml.
Your first step is to understand how servlet security and authentication works. It isn't exactly a GWT responsibility. On Jan 8, 12:28 pm, wstrange <[email protected]> wrote: > What is the status of GWT > RPC-Auth:http://code.google.com/p/google-web-toolkit/wiki/RpcAuth > > The reason I ask is there seems to be a woeful lack of concrete > examples on how to write secure GWT applications. There are many > postings that explain the theory of how to write such applications - > but for the most part "the implementation details are left as an > exercise for the reader..." . > > This seems to be a very fundamental issue for GWT, and I am surprised > that there is no out of box support for authN/authz. It would be > really nice to have support for OpenID / OAuth. > > Does anyone have a downloadable *working* example of a GWT application > that uses OpenID? > > Thanks > > Warren
-- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
