Hi all, I've implemented some integration of Spring Security and GWT. It is exactly the process described by Andrey: * http://code.google.com/p/net-orcades-spring/ is using pattern (URL filtering). * http://code.google.com/p/orcades-gwt-spring/ is using MVP pattern with secured at method level.
The later project, is not very well documented, but if your are fluent with GWT Spring and Maven it shouldn't be an issue. HIH PS: Currently, my current jobs is not GWT based :(, it's on my free time. On Thu, Jan 21, 2010 at 3:14 PM, Alexander <[email protected]> wrote: > +1 > > I do always authorise user action at services. I cant find out any other > solution. > > 2010/1/21 ailinykh <[email protected]> > >> By this way you secure the main page only. What is pretty much >> useless. >> All client/server communication is done through AJAX. You can't secure >> it by a traditional servlet filter, >> because GWT serialization doesn't know anything about redirect. You >> will have something like serialization Exception. >> Also you have to think about user authorization. Users with different >> roles allowed to have access to different resources. >> >> I see the only way to do it- in every RPC call check user identity and >> permissions, then throw application defined exception if something is >> wrong. >> On client side you have to catch that exception and redirect to login >> page. >> >> Thank you, >> Andrey >> >> On Jan 21, 6:35 am, FKereki <[email protected]> wrote: >> > Hi! I was just checking the consensus on how to do a secure login and >> > it seems to be along the lines of: >> > >> > * set a simple login application to run athttps:// >> your.own.site.com/login >> > * set the rest of your application to run athttp:// >> your.own.site.com/main >> > * if the user tries to directly go tohttp://your.own.site.com/main, >> > redirect him tohttps://your.own.site.com/login >> > * on successful login, set a cookie, and redirect tohttp:// >> your.own.site.com/main >> > >> > Is this it? Am I missing something? Any better ways to do it? >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Google Web Toolkit" group. >> To post to this group, send email to [email protected]. >> To unsubscribe from this group, send email to >> [email protected]<google-web-toolkit%[email protected]> >> . >> For more options, visit this group at >> http://groups.google.com/group/google-web-toolkit?hl=en. >> >> >> >> > > > -- > Regards, > Alexander > > > -- > You received this message because you are subscribed to the Google Groups > "Google Web Toolkit" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]<google-web-toolkit%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/google-web-toolkit?hl=en. > > -- A coward is incapable of exhibiting love; it is the prerogative of the brave. -- Mohandas Gandhi--
You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to [email protected].
For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
