--
You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group.
To post to this group, send email to google-we...@googlegroups.com.
To unsubscribe from this group, send email to google-web-tool...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
I once worked on a project that did the same thing. They noticed the
password remember stuff to late (they pretty much ignored it) and I had
to fix this issue.
After some research the conclusion I reached was that it's best to keep
the login process as "classical" as possible. By classic I mean, the
HTML should not be generated by JS, but be written by the server, and
the POST request should not be sent via Ajax, but rather using a normal
form request. If you don't do this, the results will vary across
browsers (this list is from memory):
1. no browser will remember user/pass combo unless it sees the HTML as
it parses the page. So, no JS generated form elements.
2. As far as I remember, Firefox was the only browser that offered the
remember password dialog for Ajax request (the heuristic were quite
smart). The other browsers needed a classic request.
3. Chrome was very picky in that the remember password dialog was shown
only on the first page after the redirect. If it happens that you do two
redirects after successful login, then no dialog is shown. Oh, and the
response of the page should be 2XX, but that's to be expected.
There were a lot of other issues that I don't remember right now. So my
advice is to go for a classic HTML form/request. You can have the form
with "display:none" and after the GWT code loads reposition it wherever
you want on the page, or even read the text input values and populate
another form element with them. But, as I said, submission should not be
done via JS.
Hope it helps,
--
Ionuț G. Stan | http://igstan.ro
-------- Original Message --------
Subject: Re: login form
Date: Thu, 21 Jul 2011 18:56:09 -0700 (PDT)
From: Josh <josh.e....@gmail.com>
To: "Ionuț G. Stan" <ionut....@gmail.com>
These links touches on it. If your forms are not in the pages HTML
then browsers will not recognize them as a login password combo. The
first link suggested using div.
http://stackoverflow.com/questions/2778350/let-browser-save-username-password-values-in-a-login-form
http://code.google.com/p/google-web-toolkit-incubator/wiki/LoginSecurityFAQ