Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How do I implement a login-screen in GWT?

I'm writing a small GWT front-end for a backend app and I was wondering about the best security model for GWT apps?

I was thinking of implementing an RPC method that receives an MD5 of a user password from the client webpage, then passing back a session ID to the client page (or a failcode). All subsequent calls would simply use the session ID and the server would keep a track that the IP address for the session ID is the same IP address that created the session ID?

Is this the standard mechanism for (non-ssl) authentication for GWT applications?

If not, can anyone suggest alternative solutions?

Thanks,

like image 384
Chris Avatar asked Jun 22 '10 01:06

Chris


1 Answers

This page by google gives a good overview of the security and tasks associated with logging in users. The link on that page to Security for GWT Applications also addresses several common gotchas specifically associated with GWT.

like image 89
Pace Avatar answered Sep 27 '22 21:09

Pace