deanhiller schrieb:
> BEFORE methods are even called, I want to chech if there is a User
> object in the Session(ie. user is logged in). If there is not, the
> Session probably expired and I want to throw a NotLoggedInException on
> every one of these methods(but not in the method itself).
By looking into RemoteServiceServlet I see a couple of ways
that should be possible (I haven't tried, so I might be
wrong ;-)
/**
* Override this method to examine the serialized version of the request
* payload before it is deserialized into objects. The default implementation
* does nothing and need not be called by subclasses.
*/
protected void onBeforeRequestDeserialized(String serializedRequest);
Overwriting this method allow you to throw the NotLoggedInException
for every method that is going to be called.
If you want to throw the execption only for a list of methods
(e.g. to allow the login without creating a second servlet),
you might overwrite processCall instead. Here an example of how I
think it should be possible:
public String processCall(String payload) throws SerializationException{
try {
RPCRequest rpcRequest = RPC.decodeRequest(payload, this.getClass(), this);
if (!rpcRequest.getMethod().getName().equals("checkLogin")){
if (!isValidSession){
throw new NotLoggedInException();
}
}
}
catch(SerializationException se){
throw se;
}
catch(Exception e){}
return super.processCall(payload);
}
NotLoggedInException must be derived from SerializableException
> I would
> prefer this is reusable in an abstract class that implements
> RemoteServiceServlet and any GWT Servlet any team creates here will
> extend that and inherit this functionality since all the
> authentication stuff is the same for all our services.
Above should be usable in an abstract way, you can define the
list of allowed methods by using e.g. annotations or a list
of strings being set in the init-method of the derived servlets.
The only thing missing is a class implemeting AsyncCallback that
overwrites onFailure and checks for the NotLoggedInException to
"redirect" to the login-panel automatically.
Regards, Lothar
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Google Web Toolkit" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/Google-Web-Toolkit?hl=en
-~----------~----~----~----~------~----~------~--~---
