Hi,
On May 2, 2013, at 8:23 AM, Thomas Frühbeck <[email protected]> wrote:
> Hi,
> if I understand right, @InterceptedCall is a _client_ side interceptor, so I
> would not spend too much effort there :-)
>From my perspective it's like validation of the model if we can already do
>something on the client side we should do it there, but because this can be
>bypassed we cannot rely on it and have to do this on the server as well. And
>like you mention we can use CDI interceptors for this.
> - "logged in" is a conception, which is most critical server side, the
> client may not know about current state - checking client side won't really
> help
Why is it not allowed for the client to know about the current state? Can't I
have something like hello #username on my page?
> - Errai-Bus is to be regarded as "outside" of container security context,
> because:
> - communication shall _normally_ not be prohibited by security - see
> Bus setup, Login-message
> - once a message is received, it will be executed
Could you elaborate on this? What do you suggest that we do?
Cheers,
Erik Jan
_______________________________________________
errai-dev mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/errai-dev
