In my GWT application MyApp I'm using container managed security
(logon through html form with
action=j_security_check and input elements j_username and j_password).
Works fine except
when the application times out: the container doesn't allow the RPC
service to be executed anymore on the server,
Hello
There have been many approaches to securing GWT applications, I think
it all depends on your application workflow. But an approach similar to
yours that i'm used to follows:
- Create a servlet filter to filter requests for the GWT module
servlets. Then in the doFilter() method do
Thanks for your quick response and elaborate answer, Braheem!
I've tried a servlet-filter, but that didn't work for me since my
security constraint protects EVERY possible url within my app, see
following URL-pattern:
security-constraint
web-resource-collection
..