Thank you for your feedback. Yes, i was very worried about the security on client-side. However, as Jack pointed out, what if you want to show certain features to certain users (based on their role). for example, if a user has admin privileges, show "DELETE"and "UPDATE" button on the panel. or if you have a StackPanel, you want to show the parts relevant to user's role/access level. can also be applied to Tabs, Trees, etc.
when the request gets to the server, server can decide whether to perform an operation or not, based on the user access privileges. and rightly so, i agree. however when it comes to showing relevant widgets on the client based on user's access level, i dont think there is anything server can do about it. this is what im thinking in pseudo code: if(user.canEdit() && user.canDelete()) mainPanel.add(deleteButton); mainPanel.add(editButton); or if(user.isClerk) mainPanel.add(clerkWorkspace) else if (user.isBranchManager()) mainPanel.add(branchManagerWorkspace) am i wrong in my apoproach ? how do you handle such scenarios based on your experience ? thank you for your insights. -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
