I'm implementing a simple app which require users to be logged in for some pages/actions. I get the idea about sessions and cookies, and after some reading I deduced that the best way is to only save the session id on the client side as a cookie. Then all communication with the server (that requires users validation) will be done by this session id.
The issue here is that sessions expire, some noted to user a timer on the client side to rest the sessions duration. But what if the user is inactive for a long time, *does that mean that the user has to login if the session has expired*? I know that sessions duration can be extended, but I don't reckon this is a good idea, or is it? How do you solve this simple yet complicated issue? -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To unsubscribe from this group and stop receiving emails from it, send an email to google-web-toolkit+unsubscr...@googlegroups.com. To post to this group, send email to google-web-toolkit@googlegroups.com. Visit this group at http://groups.google.com/group/google-web-toolkit?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
