JN, I am summarizing below what i understood from the discussion 1. User logins to the Application - The session id is created on the server side and sent back to the client. 2. For every request from the client, the client sends the session id as part of the request. ( can't be cookies as per the loginsecurityFAQ ) 3. The overwritten RequestTransport sets the session id in the HTTP Header ( this is happening on the client side. Is this right?) 4. The overwitten RequestFactoryServlet gets this session id from the HTTP header and validates the user state using the session id ( this is happening on the server side ) 5. If the validation fails RequestFactoryServlet sends an Exception, which is again handled by the overwritten RequestTransport (the client handling part as per Thomas suggestion )
Is the above understanding correct. I confused with the Payload and HttpHeader, are they the same? Kathir. -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to google-web-toolkit@googlegroups.com. To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
