Hello, I am in need of some advice about GWT authentication. Here's what I'm planning to do:
1. Embed a GWT application into a site served by a PHP CMS like Drupal, Joomla, Wordpress. 2. Let the CMS handle user registration and authentication. 3. After login, store the CMS Session ID in a javascript variable to make it accessable to the GWT app. 4. Forward the SessionID as a parameter to each servlet call. 5. The servlet queries the CMS session table from the CMS database to test if the supplied session is still valid and to determine the users id. 6. The user id is used for subsequent database operations... Sounds like a simple solution - at least it's the simplest approach to implement some kind of PHP and GWT single sign on i can think of. Now the question is, would this be a viable solution? And do you have any security or other concerns? Any advice is welcome, thank you! -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to google-web-toolkit@googlegroups.com. To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.