1) Got it! 2) That is exactly the file I was looking for.
Now i can test spring security with my own project. Thank you! 2011/6/16 Juan Pablo Gardella <[email protected]> > You don't need make mvn package every time, and don't need install. > You do mvn package one time. Then always mvn jetty:deploy. If you change > some classes, you must package again. To run in hosted mode, mvn gwt:run. > But is better run hosted mode inside eclipse. > > 1) src/main/resources/import.sql is used to populated the database. JPA > annotation to generate. > 2) See > WEB-INF/applicationContext-security.xml<https://bitbucket.org/gardellajuanpablo/gwt-sample/src/501a6b6a7d49/src/main/webapp/WEB-INF/applicationContext-security.xml>. > You can develop a LoginService as wrapper of spring security. > > public class LoginService implements ILoginService{ > > @Inject > ApplicationContext applicationContext; > > > private Collection<GrantedAuthority> getAuthorities() { > return getAuthorities(SecurityContextHolder.getContext() > .getAuthentication()); > } > > private Collection<GrantedAuthority> getAuthorities(Authentication auth) { > Collection<GrantedAuthority> roles = new HashSet<GrantedAuthority>(); > > if (auth == null) > throw new AuthenticationCredentialsNotFoundException( > "No Authentication"); > > Object obj = auth.getPrincipal(); > > if (obj instanceof UserDetails) > roles = ((UserDetails) obj).getAuthorities(); > > return roles; > } > > > > public String getUserName() { > return getUserName(SecurityContextHolder.getContext() > .getAuthentication()); > } > > private String getUserName(Authentication auth) { > > if (null == auth) > throw new AuthenticationCredentialsNotFoundException( > "No Authentication"); > > Object obj = auth.getPrincipal(); > String username = ""; > > if (obj instanceof UserDetails) > username = ((UserDetails) obj).getUsername(); > else > username = obj.toString(); > > return username; > } > > public boolean hasRol(String rol) { > for (GrantedAuthority authority : getAuthorities()) { > if (authority.getAuthority().equals(rol)) > return true; > } > return false; > } > > public boolean isLogged() { > Authentication auth = SecurityContextHolder.getContext() > .getAuthentication(); > if (auth == null) > return false; > return true; > } > > public void logout() { > SecurityContextHolder.getContext().setAuthentication(null); > } > > private HashSet<String> roles(Authentication > authentication) { > HashSet<String> roles = new HashSet<String>(); > Collection<GrantedAuthority> _roles = getAuthorities(authentication); > for (GrantedAuthority gr : _roles) { > roles.add(gr.getAuthority()); > } > return roles; > } > > } > > Juan > > 2011/6/16 Renato Beserra <[email protected]> > >> Hi Juan, >> >> Thanks again for the example. >> >> I managed to run it today, the installation was easy but i have a few >> questions. >> >> 1) Should the database be auto generated and populated? I am using >> m2eclipse and I used the following commands: >> >> maven install >> maven package >> maven package jetty:deploy-war >> >> The app is running and i can login but i see no "provincias" nor >> "partidos", is that right? >> >> I didn't got any build errors. >> >> 2) It is not clear to me where the login is implemented. I was expecting >> something like a "login Service" to make the bridge between GWT and >> spring-security but i didn't find one. Could you explain me how the login is >> handled? >> >> Thanks in advance! >> >> >> >> >> >> >> 2011/5/27 Juan Pablo Gardella <[email protected]> >> >>> Here you are: >>> >>> https://bitbucket.org/gardellajuanpablo/gwt-sample/wiki/Home >>> >>> <https://bitbucket.org/gardellajuanpablo/gwt-sample/wiki/Home>If you >>> have any question ask me :) >>> >>> Regards, >>> Juan >>> >>> >>> 2011/5/27 Renato Beserra <[email protected]> >>> >>>> Thanks a lot Juan, it will be very useful! >>>> >>>> >>>> 2011/5/27 Juan Pablo Gardella <[email protected]> >>>> >>>>> Yes is easy and powerfull. I'll make a sample and share to you. >>>>> >>>>> >>>>> >>>>> 2011/5/27 Renato Beserra <[email protected]> >>>>> >>>>>> Do you know if the integration is easy? I searched the web and found >>>>>> some examples but they seem complex. Basically, i need to check some >>>>>> permissions in the database given a session and a user id. Do you think >>>>>> that >>>>>> Spring is suitable for that situation? >>>>>> >>>>>> Thanks Juan! >>>>>> >>>>>> >>>>>> 2011/5/26 Juan Pablo Gardella <[email protected]> >>>>>> >>>>>>> Use a framework to manage security concern, for example Spring >>>>>>> Security. This framework use HttpSession for example >>>>>>> >>>>>>> 2011/5/26 Renato Beserra <[email protected]> >>>>>>> >>>>>>>> Hey guys, >>>>>>>> >>>>>>>> I am developing a GWT application that requires login and I am using >>>>>>>> GWT RPC. I implemented a simple login/session feature that is handled >>>>>>>> with >>>>>>>> calls to the database to verify the authenticity of the session ID. >>>>>>>> >>>>>>>> I know that this is not efficient, but i am hesitating to use >>>>>>>> HTTPSession because i didn't find good information about its use with >>>>>>>> GWT. >>>>>>>> >>>>>>>> So, my question is: Should I use HTTPSession? I have the feeling >>>>>>>> that everything would stay only at memory and that could make the >>>>>>>> application less robust. >>>>>>>> >>>>>>>> I have concerns regarding security so I intend to use a HTTPS >>>>>>>> connection. Is that enough to prevent forged requests? >>>>>>>> >>>>>>>> I am just getting started with web development, so any links and >>>>>>>> explanations would be very useful. >>>>>>>> >>>>>>>> I already looked the following links about this subject: >>>>>>>> >>>>>>>> >>>>>>>> http://groups.google.com/group/Google-Web-Toolkit/web/security-for-gwt-applications?pli=1 >>>>>>>> >>>>>>>> >>>>>>>> http://code.google.com/p/google-web-toolkit-incubator/wiki/LoginSecurityFAQ >>>>>>>> >>>>>>>> >>>>>>>> Thanks in advance! >>>>>>>> >>>>>>>> -- >>>>>>>> Renato Beserra Sousa >>>>>>>> Brazil >>>>>>>> >>>>>>>> -- >>>>>>>> You received this message because you are subscribed to the Google >>>>>>>> Groups "Google Web Toolkit" group. >>>>>>>> To post to this group, send email to >>>>>>>> [email protected]. >>>>>>>> To unsubscribe from this group, send email to >>>>>>>> [email protected]. >>>>>>>> For more options, visit this group at >>>>>>>> http://groups.google.com/group/google-web-toolkit?hl=en. >>>>>>>> >>>>>>> >>>>>>> -- >>>>>>> You received this message because you are subscribed to the Google >>>>>>> Groups "Google Web Toolkit" group. >>>>>>> To post to this group, send email to >>>>>>> [email protected]. >>>>>>> To unsubscribe from this group, send email to >>>>>>> [email protected]. >>>>>>> For more options, visit this group at >>>>>>> http://groups.google.com/group/google-web-toolkit?hl=en. >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Renato Beserra Sousa >>>>>> >>>>>> -- >>>>>> You received this message because you are subscribed to the Google >>>>>> Groups "Google Web Toolkit" group. >>>>>> To post to this group, send email to >>>>>> [email protected]. >>>>>> To unsubscribe from this group, send email to >>>>>> [email protected]. >>>>>> For more options, visit this group at >>>>>> http://groups.google.com/group/google-web-toolkit?hl=en. >>>>>> >>>>> >>>>> -- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "Google Web Toolkit" group. >>>>> To post to this group, send email to >>>>> [email protected]. >>>>> To unsubscribe from this group, send email to >>>>> [email protected]. >>>>> For more options, visit this group at >>>>> http://groups.google.com/group/google-web-toolkit?hl=en. >>>>> >>>> >>>> >>>> >>>> -- >>>> Renato Beserra Sousa >>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "Google Web Toolkit" group. >>>> To post to this group, send email to >>>> [email protected]. >>>> To unsubscribe from this group, send email to >>>> [email protected]. >>>> For more options, visit this group at >>>> http://groups.google.com/group/google-web-toolkit?hl=en. >>>> >>> >>> -- >>> You received this message because you are subscribed to the Google Groups >>> "Google Web Toolkit" group. >>> To post to this group, send email to [email protected] >>> . >>> To unsubscribe from this group, send email to >>> [email protected]. >>> For more options, visit this group at >>> http://groups.google.com/group/google-web-toolkit?hl=en. >>> >> >> >> >> -- >> Renato Beserra Sousa >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Google Web Toolkit" group. >> To post to this group, send email to [email protected]. >> To unsubscribe from this group, send email to >> [email protected]. >> For more options, visit this group at >> http://groups.google.com/group/google-web-toolkit?hl=en. >> > > -- > You received this message because you are subscribed to the Google Groups > "Google Web Toolkit" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/google-web-toolkit?hl=en. > -- Renato Beserra Sousa -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
