我如何实现GWT的登录屏幕？ [英] How do I implement a login-screen in GWT?

问题描述

我正在写一个小的GWT前端后端的应用程序，我想知道关于GWT应用的最佳安全模式？

I'm writing a small GWT front-end for a backend app and I was wondering about the best security model for GWT apps?

我想执行接收从客户机的网页用户口令的MD5一个RPC方法，则会话ID传递回客户端页（或失败code）所示。所有后续调用将简单地使用会话ID和服务器将保留曲目，对于会话ID的IP地址是创建会话ID相同的IP地址？

I was thinking of implementing an RPC method that receives an MD5 of a user password from the client webpage, then passing back a session ID to the client page (or a failcode). All subsequent calls would simply use the session ID and the server would keep a track that the IP address for the session ID is the same IP address that created the session ID?

这是对GWT应用程序（非SSL）身份验证？

Is this the standard mechanism for (non-ssl) authentication for GWT applications?

如果没有，任何人都可以提出替代解决方案？

If not, can anyone suggest alternative solutions?

谢谢，

推荐答案

此页面由谷歌给出了在用户登录相关的安全和任务的一个很好的概述。该网页上的链接<一个href=\"http://groups.google.com/group/Google-Web-Toolkit/web/security-for-gwt-applications?pli=1\">Security对于GWT应用还涉及专门与GWT相关的几个常见的问题。

This page by google gives a good overview of the security and tasks associated with logging in users. The link on that page to Security for GWT Applications also addresses several common gotchas specifically associated with GWT.

这篇关于我如何实现GWT的登录屏幕？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！