(1) The easiest way would be just to implement an auth filter in your servlet. Just put everything behind the "authentication". Only the login HTML/JSP should be accessible without authentication.
https://www.codejava.net/java-ee/servlet/how-to-implement-authentication-filter-for-java-web-application (2) Another way is to use Basic Auth of Tomcat https://jelastic.com/blog/restrict-access-tomcat-web-application-hosting http://www.avajava.com/tutorials/lessons/how-do-i-use-basic-authentication-with-tomcat.html But if your webapp is getting complex I would prefer to use Spring Boot + Spring Security. Or maybe JavaEE + Security? [email protected] schrieb am Mittwoch, 21. Oktober 2020 um 21:53:22 UTC+2: > It’s Java + Tomcat + GWT service servlet. > > On Oct 21, 2020, at 12:48 PM, [email protected] <[email protected]> > wrote: > > I think, it depends on what kind of server-side technology do you use. > > I'm using normally REST APIs with Spring Boot and for that part I use > Spring Security with OAuth2 / JWT token. > > But the simplest one would be using Spring Boot and Spring Security like > this example: https://spring.io/guides/gs/securing-web > > Hope this helps! > [email protected] schrieb am Mittwoch, 21. Oktober 2020 um 20:56:10 UTC+2: > >> Are there best practices for securing RPC calls? In an app I'm working on >> some of the calls are OK to go through without authentication, and some do >> require authentication and authorization. Any thoughts / suggestions? >> >> Slava >> > > -- > You received this message because you are subscribed to a topic in the > Google Groups "GWT Users" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/google-web-toolkit/f_QJldsQ-y0/unsubscribe > . > To unsubscribe from this group and all its topics, send an email to > [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/google-web-toolkit/e154fd85-7841-4a74-ac36-e7461c71a498n%40googlegroups.com > > <https://groups.google.com/d/msgid/google-web-toolkit/e154fd85-7841-4a74-ac36-e7461c71a498n%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > > -- You received this message because you are subscribed to the Google Groups "GWT Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/google-web-toolkit/12e0bcc9-ff77-40b6-b8cd-6767d07f9e03n%40googlegroups.com.
