Send the user an email with a link to get him back into the app to a
specific item and operation. Eg, http://appid.appspot.com/host#!edit-item;id=someid
(host is a servlet mapping that calls my dynamic jsp gwt module host
page.)
The user clicks on the link, gets redirected to the login page as he
is not authentified. After login, he is redirected again to the
original URL.
I am using GWTP. My backend is Java on App Engine with Spring and
Spring Security.
Just found out that the history token, kept as an anchor in the URL,
never gets sent to the server. Sadly, that's part of the HTTP protocol
and there's no way around that.
However, with server side security intercepting a protected resource,
showing a login screen, and then redirecting to the original URL
(minus the anchor part), I obviously will return to the default page
for my GWT module.
So I guess that a stand-alone, html (or jsp) based login page is now
out of the question. Unless I encode the history token on the email
URL as query parameters and reprocess them if present while doing
navigations.
I don't have hard requirements to protect the GWT module. I could have
a GWT view for the login page.
Has someone done this (a GWT based login page in the same module)
using Spring Security on the server side?
Thank you,
Remy
--
You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group.
To post to this group, send email to google-web-toolkit@googlegroups.com.
To unsubscribe from this group, send email to google-web-toolkit+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
No comments:
Post a Comment