I handle this in the following way:
Use a servlet filter to check the status of the authentication. Check
the URL requested (this can be done using a specific kind of filter
mapping and initialization parameter), if it is a GWT request then
send back an encoded exception that the GWT client
What do you mean by server push? Could you maybe elaborate on your
approach a little, thanks.
On Mar 6, 5:11 pm, Rakesh rake...@gmail.com wrote:
we use server push for session time out and it works really great!
On Feb 28, 1:26 am, marcelstoer mar...@frightanic.com wrote:
Is there some
we use server push for session time out and it works really great!
On Feb 28, 1:26 am, marcelstoer mar...@frightanic.com wrote:
Is there some consensus or best practice in the GWT community as for
how to deal with session timeout and container managed security? There
are some pointers if you
Thanks for your feedback. I can see where your approach comes from
given the mentioned scenario.
However, I neither do want to check for proper i.e. still valid
authentication in all of my RemoteServiceServlet methods nor would I
want my GWT application tie to an authentication mechanism at all.
Hhhmm, the community being quiet can mean a lot of things...none are
really positive.
Was I talking about some dark GWT corners where no stable/proper
solutions exist?
Or is there simply no right way to solve my problem, but rather many
potential solutions that all have their flaws?
On Feb 28,
The problem with jumping ahead of the RemoteServiceServlet for your
authentication is that you don't have a good way to communicate to GWT
that there was an authentication exception.
I tend to do my JAAS login inside the RemoteServiceServlet where I can
throw a checked
Is there some consensus or best practice in the GWT community as for
how to deal with session timeout and container managed security? There
are some pointers if you search for this subject, but some of the
ideas are wild...
In my case I use the Servlet container's built in security features
for