Thanks a lot...
On Oct 28, 11:28 am, Lothar Kimmeringer <[EMAIL PROTECTED]> wrote:
> Krish schrieb:
>
> > <%@ taglib uri="/WEB-INF/security_taglib.tld" prefix="security" %>
>
> > <security:permitted privilege="<%= Role.MODIFY%>">
> > // todo. display some text box. here
> > </security:permitted>
>
> > So while converting this jsp page to GWT, I need to import this
> > security taglib file. How can I design this page with GWT.
>
> You can't and you shouldn't. While your JSP-page is executed
> on the server-side, i.e. the server decides that the text-box
> should be shown, you would allow the client to do this decision
> if you want to embed that logic into the client-files of GWT.
> This is in the same way insecure as checking passwords using
> the Javascript of the browser. There are many FAQs outside
> (in case reasonable thinking isn't enough ;-) explaining
> why this isn't a good idea.
>
> There are two ways I would think of to solve that:
>
> - Get the (raw) data to be show by requesting a JSP-page
> using RequestBuilder. That way you can use the taglibs
> to leave out non-permitted data. The JSP-page produces
> XML or some other data-type that is interpreted by the
> GWT-client when building up the corresponding mask.
> - Check the permission inside the RemoteServiceServlet
> using the same code that is actually be invoked with
> the tag of the taglib.
>
> Regards, Lothar
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Google Web Toolkit" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/Google-Web-Toolkit?hl=en
-~----------~----~----~----~------~----~------~--~---
