I am trying to implement a oauth authentication in a gwt application.
In this, initially a login page is shown- here the user chooses his oauth provider, then some data is stored in session and user is redirected to the oauth provider. After login, he is sent back to another page within the same GWT application.
That is how I want the flow to be, but I am confused about the data stored in session- the data stored before the user went to oauth provider’s website, will that still be accessible after the user is sent back, post successful login? Are there any conditions/catches in storing data in session, in a GWT application, that will affect the above scenario?
If your server side is java, everything in GWT is a servlet so there’s really no difference in how GWT works. Session has an expiry time once session is created it will be visible within whole application.
If third party page to your site redirection performs within session provided time.All the data you have stored in the session will be visible to you.