Re: Get session object from ID sent in RCP

On 14 juil, 11:04, Torch <kurian...@gmail.com> wrote:
> The LoginSecurity FAQ says we must always send the session ID in the
> RCP. I am using the standard servlet sessions. After login I send the
> session ID back to the client. In subsequent RPCs the client sends the
> session ID as an RPC parameter. But how do I get the session object in
> the servlet using the session ID in the RCP? There is no function like
> getSession(id).

Checking that the ID sent with RPC is the same as the one of the
"current session" should be enough.
Katharina gives a good advice too, you'd then don't use the server-
side session mechanism at all.

--
You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group.
To post to this group, send email to google-web-toolkit@googlegroups.com.
To unsubscribe from this group, send email to google-web-toolkit+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.