1) Got it!

2) That is exactly the file I was looking for.

Now i can test spring security with my own project.

Thank you!



2011/6/16 Juan Pablo Gardella <[email protected]>

> You don't need make mvn package every time, and don't need install.
> You do mvn package one time. Then always mvn jetty:deploy. If you change
> some classes, you must package again. To run in hosted mode, mvn gwt:run.
> But is better run hosted mode inside eclipse.
>
> 1) src/main/resources/import.sql is used to populated the database. JPA
> annotation to generate.
> 2) See 
> WEB-INF/applicationContext-security.xml<https://bitbucket.org/gardellajuanpablo/gwt-sample/src/501a6b6a7d49/src/main/webapp/WEB-INF/applicationContext-security.xml>.
> You can develop a LoginService as wrapper of spring security.
>
> public class LoginService implements ILoginService{
>
> @Inject
> ApplicationContext applicationContext;
>
>
> private Collection<GrantedAuthority> getAuthorities() {
> return getAuthorities(SecurityContextHolder.getContext()
>  .getAuthentication());
> }
>
> private Collection<GrantedAuthority> getAuthorities(Authentication auth) {
>  Collection<GrantedAuthority> roles = new HashSet<GrantedAuthority>();
>
> if (auth == null)
>  throw new AuthenticationCredentialsNotFoundException(
> "No Authentication");
>
> Object obj = auth.getPrincipal();
>
> if (obj instanceof UserDetails)
>  roles = ((UserDetails) obj).getAuthorities();
>
> return roles;
>  }
>
>
>
> public String getUserName() {
> return getUserName(SecurityContextHolder.getContext()
>  .getAuthentication());
> }
>
> private String getUserName(Authentication auth) {
>
> if (null == auth)
> throw new AuthenticationCredentialsNotFoundException(
>  "No Authentication");
>
> Object obj = auth.getPrincipal();
>  String username = "";
>
> if (obj instanceof UserDetails)
>  username = ((UserDetails) obj).getUsername();
> else
> username = obj.toString();
>
> return username;
> }
>
> public boolean hasRol(String rol) {
>  for (GrantedAuthority authority : getAuthorities()) {
> if (authority.getAuthority().equals(rol))
>  return true;
> }
> return false;
>  }
>
> public boolean isLogged() {
> Authentication auth = SecurityContextHolder.getContext()
>  .getAuthentication();
> if (auth == null)
> return false;
>  return true;
> }
>
> public void logout() {
>  SecurityContextHolder.getContext().setAuthentication(null);
> }
>
>                  private HashSet<String> roles(Authentication
> authentication) {
> HashSet<String> roles = new HashSet<String>();
>  Collection<GrantedAuthority> _roles = getAuthorities(authentication);
> for (GrantedAuthority gr : _roles) {
>  roles.add(gr.getAuthority());
> }
> return roles;
>  }
>
> }
>
> Juan
>
> 2011/6/16 Renato Beserra <[email protected]>
>
>> Hi Juan,
>>
>> Thanks again for the example.
>>
>> I managed to run it today, the installation was easy but i have a few
>> questions.
>>
>> 1) Should the database be auto generated and populated?  I am using
>> m2eclipse and I used the following commands:
>>
>> maven install
>> maven package
>> maven package jetty:deploy-war
>>
>> The app is running and i can login but i see no "provincias" nor
>> "partidos", is that right?
>>
>> I didn't got any build errors.
>>
>> 2) It is not clear to me where the login is implemented. I was expecting
>> something like a "login Service" to make the bridge between GWT and
>> spring-security but i didn't find one. Could you explain me how the login is
>> handled?
>>
>> Thanks in advance!
>>
>>
>>
>>
>>
>>
>> 2011/5/27 Juan Pablo Gardella <[email protected]>
>>
>>> Here you are:
>>>
>>> https://bitbucket.org/gardellajuanpablo/gwt-sample/wiki/Home
>>>
>>> <https://bitbucket.org/gardellajuanpablo/gwt-sample/wiki/Home>If you
>>> have any question ask me :)
>>>
>>> Regards,
>>> Juan
>>>
>>>
>>> 2011/5/27 Renato Beserra <[email protected]>
>>>
>>>> Thanks a lot Juan, it will be very useful!
>>>>
>>>>
>>>> 2011/5/27 Juan Pablo Gardella <[email protected]>
>>>>
>>>>> Yes is easy and powerfull. I'll make a sample and share to you.
>>>>>
>>>>>
>>>>>
>>>>> 2011/5/27 Renato Beserra <[email protected]>
>>>>>
>>>>>> Do you know if the integration is easy? I searched the web and found
>>>>>> some examples but they seem complex. Basically, i need to check some
>>>>>> permissions in the database given a session and a user id. Do you think 
>>>>>> that
>>>>>> Spring is suitable for that situation?
>>>>>>
>>>>>> Thanks Juan!
>>>>>>
>>>>>>
>>>>>> 2011/5/26 Juan Pablo Gardella <[email protected]>
>>>>>>
>>>>>>> Use a framework to manage security concern, for example Spring
>>>>>>> Security. This framework use HttpSession for example
>>>>>>>
>>>>>>> 2011/5/26 Renato Beserra <[email protected]>
>>>>>>>
>>>>>>>> Hey guys,
>>>>>>>>
>>>>>>>> I am developing a GWT application that requires login and I am using
>>>>>>>> GWT RPC. I implemented a simple login/session feature that is handled 
>>>>>>>> with
>>>>>>>> calls to the database to verify the authenticity of the session ID.
>>>>>>>>
>>>>>>>> I know that this is not efficient, but i am hesitating to use
>>>>>>>> HTTPSession because i didn't find good information about its use with 
>>>>>>>> GWT.
>>>>>>>>
>>>>>>>> So, my question is: Should I use HTTPSession? I have the feeling
>>>>>>>> that everything would stay only at memory and that could make the
>>>>>>>> application less robust.
>>>>>>>>
>>>>>>>> I have concerns regarding security so I intend to use a HTTPS
>>>>>>>> connection. Is that enough to prevent forged requests?
>>>>>>>>
>>>>>>>> I am just getting started with web development, so any links and
>>>>>>>> explanations would be very useful.
>>>>>>>>
>>>>>>>> I already looked the following links about this subject:
>>>>>>>>
>>>>>>>>
>>>>>>>> http://groups.google.com/group/Google-Web-Toolkit/web/security-for-gwt-applications?pli=1
>>>>>>>>
>>>>>>>>
>>>>>>>> http://code.google.com/p/google-web-toolkit-incubator/wiki/LoginSecurityFAQ
>>>>>>>>
>>>>>>>>
>>>>>>>> Thanks in advance!
>>>>>>>>
>>>>>>>> --
>>>>>>>> Renato Beserra Sousa
>>>>>>>> Brazil
>>>>>>>>
>>>>>>>> --
>>>>>>>> You received this message because you are subscribed to the Google
>>>>>>>> Groups "Google Web Toolkit" group.
>>>>>>>> To post to this group, send email to
>>>>>>>> [email protected].
>>>>>>>> To unsubscribe from this group, send email to
>>>>>>>> [email protected].
>>>>>>>> For more options, visit this group at
>>>>>>>> http://groups.google.com/group/google-web-toolkit?hl=en.
>>>>>>>>
>>>>>>>
>>>>>>>  --
>>>>>>> You received this message because you are subscribed to the Google
>>>>>>> Groups "Google Web Toolkit" group.
>>>>>>> To post to this group, send email to
>>>>>>> [email protected].
>>>>>>> To unsubscribe from this group, send email to
>>>>>>> [email protected].
>>>>>>> For more options, visit this group at
>>>>>>> http://groups.google.com/group/google-web-toolkit?hl=en.
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Renato Beserra Sousa
>>>>>>
>>>>>> --
>>>>>> You received this message because you are subscribed to the Google
>>>>>> Groups "Google Web Toolkit" group.
>>>>>> To post to this group, send email to
>>>>>> [email protected].
>>>>>> To unsubscribe from this group, send email to
>>>>>> [email protected].
>>>>>> For more options, visit this group at
>>>>>> http://groups.google.com/group/google-web-toolkit?hl=en.
>>>>>>
>>>>>
>>>>>  --
>>>>> You received this message because you are subscribed to the Google
>>>>> Groups "Google Web Toolkit" group.
>>>>> To post to this group, send email to
>>>>> [email protected].
>>>>> To unsubscribe from this group, send email to
>>>>> [email protected].
>>>>> For more options, visit this group at
>>>>> http://groups.google.com/group/google-web-toolkit?hl=en.
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Renato Beserra Sousa
>>>>
>>>> --
>>>> You received this message because you are subscribed to the Google
>>>> Groups "Google Web Toolkit" group.
>>>> To post to this group, send email to
>>>> [email protected].
>>>> To unsubscribe from this group, send email to
>>>> [email protected].
>>>> For more options, visit this group at
>>>> http://groups.google.com/group/google-web-toolkit?hl=en.
>>>>
>>>
>>>  --
>>> You received this message because you are subscribed to the Google Groups
>>> "Google Web Toolkit" group.
>>> To post to this group, send email to [email protected]
>>> .
>>> To unsubscribe from this group, send email to
>>> [email protected].
>>> For more options, visit this group at
>>> http://groups.google.com/group/google-web-toolkit?hl=en.
>>>
>>
>>
>>
>> --
>> Renato Beserra Sousa
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Google Web Toolkit" group.
>> To post to this group, send email to [email protected].
>> To unsubscribe from this group, send email to
>> [email protected].
>> For more options, visit this group at
>> http://groups.google.com/group/google-web-toolkit?hl=en.
>>
>
>  --
> You received this message because you are subscribed to the Google Groups
> "Google Web Toolkit" group.
> To post to this group, send email to [email protected].
> To unsubscribe from this group, send email to
> [email protected].
> For more options, visit this group at
> http://groups.google.com/group/google-web-toolkit?hl=en.
>



-- 
Renato Beserra Sousa

-- 
You received this message because you are subscribed to the Google Groups 
"Google Web Toolkit" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to 
[email protected].
For more options, visit this group at 
http://groups.google.com/group/google-web-toolkit?hl=en.

Reply via email to