It's been a while since I've set mine up to do this, but when you say
you're setting them in the interface on the client side, are you
trying them on the Async interface or the interface your server-side
code implements off of? If you do it on the interface your server-
side code uses as the implementation contract, it will automatically
get those for spring security to check on the server-side and if you
set them up with spring doing the intercepting of the URL with
something such as org.springframework.web.servlet.DispatcherServlet
and in its myservletnamefromwebxml-servlets.xml, do something like
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:util="http://www.springframework.org/schema/util";
xsi:schemaLocation="
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.0.xsd
http://www.springframework.org/schema/util
http://www.springframework.org/schema/util/spring-util-3.0.xsd";>
<bean id="urlMapping"
class="org.gwtwidgets.server.spring.GWTHandler">
<property name="mappings">
<map>
<entry key="/myService.rpc"
value-ref="MyRPCService" />
</map>
</property>
</bean>
</beans>
Note that I'm using the GWTHandler bean from gwt-sl (http://
sourceforge.net/projects/gwt-widget/files/GWT%20Server%20Library/) to
do the URL mapping since it does better integration with GWT than
spring's built-in handlers do.
You may also want to look into gwtsecurity to send better exceptions
to your client: http://code.google.com/p/gwtsecurity/
On Jul 7, 1:02 pm, Renato Beserra <[email protected]> wrote:
> Thanks for your answer.
>
> I considered something like that, but every restricted rpc method
> implementation has to call another method, with its own interface secured by
> annotations, right?
>
> 2011/7/7 Juan Pablo Gardella <[email protected]>
>
>
>
>
>
>
>
>
>
> > Hi Renato,
>
> > I have a service layer, so in this method I use JSR250
> > <http://en.wikipedia.org/wiki/JSR_250>annotations, Spring security can
> > work with this API. In client side I don't protect the invocations. In
> > server side, spring security throws an exception, if try to access to a
> > protected method, and travel to the client. I wrap it in a class and show an
> > alert to the user.
>
> > Juan
>
> > 2011/7/7 Renato Beserra <[email protected]>
>
> >> Hi,
>
> >> I am integrating a GWT application with Spring Security and I got a great
> >> example on a previous thread -
> >>http://groups.google.com/group/google-web-toolkit/browse_thread/threa....
>
> >> But now I want to secure my rpc calls, but i have a problem: Spring
> >> Security provides some annotations that i should use on the method
> >> declaration. But in GWT RPC the interface should be defined on client side,
> >> so the annotation is not valid.
>
> >> Is there a simpler solution other than making my rpc implementation to
> >> call a secured method on the server-side?
>
> >> Thanks in advance.
>
> >> --
> >> Renato Beserra Sousa
>
> >> --
> >> You received this message because you are subscribed to the Google Groups
> >> "Google Web Toolkit" group.
> >> To post to this group, send email to [email protected].
> >> To unsubscribe from this group, send email to
> >> [email protected].
> >> For more options, visit this group at
> >>http://groups.google.com/group/google-web-toolkit?hl=en.
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Google Web Toolkit" group.
> > To post to this group, send email to [email protected].
> > To unsubscribe from this group, send email to
> > [email protected].
> > For more options, visit this group at
> >http://groups.google.com/group/google-web-toolkit?hl=en.
>
> --
> Renato Beserra Sousa
--
You received this message because you are subscribed to the Google Groups
"Google Web Toolkit" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/google-web-toolkit?hl=en.
