You just solved my doubt. The DispatcherServlet looks very simple with your explanation and I will try to use it.
Thank you very much! Best Regards, 2011/7/8 Kevin Jordan <ke...@kjordan.net> > You'll need to have your service invoked as a Spring Bean somehow to > make the annotations take effect. It won't work as just a servlet > entry in your web.xml. DispatcherServlet is one of the easiest way to > make it do that. > > On Jul 8, 7:11 am, Renato Beserra <renatobese...@gmail.com> wrote: > > Hi Kevin, thanks for your answer. > > > > I tried to do it on the interface my server-side code uses as the > > implementation contract but I was using a JSR-250 annotation > @RolesAllowed, > > which wasn't on my client scope. > > > > I just tried the @PreAuthorize annotation and it seems to work on the > > client-side. Do I need the DispatcherServlet in order to make the > annotation > > works? > > > > 2011/7/7 Kevin Jordan <ke...@kjordan.net> > > > > > > > > > > > > > > > > > > > > > It's been a while since I've set mine up to do this, but when you say > > > you're setting them in the interface on the client side, are you > > > trying them on the Async interface or the interface your server-side > > > code implements off of? If you do it on the interface your server- > > > side code uses as the implementation contract, it will automatically > > > get those for spring security to check on the server-side and if you > > > set them up with spring doing the intercepting of the URL with > > > something such as org.springframework.web.servlet.DispatcherServlet > > > and in its myservletnamefromwebxml-servlets.xml, do something like > > > <?xml version="1.0" encoding="UTF-8"?> > > > <beans xmlns="http://www.springframework.org/schema/beans" > > > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" > > > xmlns:util="http://www.springframework.org/schema/util" > > > xsi:schemaLocation=" > > > http://www.springframework.org/schema/beans > > > > http://www.springframework.org/schema/beans/spring-beans-3.0.xsd > > > http://www.springframework.org/schema/security > > > > >http://www.springframework.org/schema/security/spring-security-3.0.xsd > > > http://www.springframework.org/schema/util > > >http://www.springframework.org/schema/util/spring-util-3.0.xsd"> > > > > > <bean id="urlMapping" > > > class="org.gwtwidgets.server.spring.GWTHandler"> > > > <property name="mappings"> > > > <map> > > > <entry key="/myService.rpc" > > > value-ref="MyRPCService" /> > > > </map> > > > </property> > > > </bean> > > > </beans> > > > > > Note that I'm using the GWTHandler bean from gwt-sl (http:// > > > sourceforge.net/projects/gwt-widget/files/GWT%20Server%20Library/) to > > > do the URL mapping since it does better integration with GWT than > > > spring's built-in handlers do. > > > > > You may also want to look into gwtsecurity to send better exceptions > > > to your client:http://code.google.com/p/gwtsecurity/ > > > > > On Jul 7, 1:02 pm, Renato Beserra <renatobese...@gmail.com> wrote: > > > > Thanks for your answer. > > > > > > I considered something like that, but every restricted rpc method > > > > implementation has to call another method, with its own interface > secured > > > by > > > > annotations, right? > > > > > > 2011/7/7 Juan Pablo Gardella <gardellajuanpa...@gmail.com> > > > > > > > Hi Renato, > > > > > > > I have a service layer, so in this method I use JSR250 > > > > > <http://en.wikipedia.org/wiki/JSR_250>annotations, Spring security > can > > > > > work with this API. In client side I don't protect the invocations. > In > > > > > server side, spring security throws an exception, if try to access > to a > > > > > protected method, and travel to the client. I wrap it in a class > and > > > show an > > > > > alert to the user. > > > > > > > Juan > > > > > > > 2011/7/7 Renato Beserra <renatobese...@gmail.com> > > > > > > >> Hi, > > > > > > >> I am integrating a GWT application with Spring Security and I got > a > > > great > > > > >> example on a previous thread - > > > > >http://groups.google.com/group/google-web-toolkit/browse_thread/threa.. > .. > > > > > > >> But now I want to secure my rpc calls, but i have a problem: > Spring > > > > >> Security provides some annotations that i should use on the method > > > > >> declaration. But in GWT RPC the interface should be defined on > client > > > side, > > > > >> so the annotation is not valid. > > > > > > >> Is there a simpler solution other than making my rpc > implementation to > > > > >> call a secured method on the server-side? > > > > > > >> Thanks in advance. > > > > > > >> -- > > > > >> Renato Beserra Sousa > > > > > > >> -- > > > > >> You received this message because you are subscribed to the Google > > > Groups > > > > >> "Google Web Toolkit" group. > > > > >> To post to this group, send email to > > > google-web-toolkit@googlegroups.com. > > > > >> To unsubscribe from this group, send email to > > > > >> google-web-toolkit+unsubscr...@googlegroups.com. > > > > >> For more options, visit this group at > > > > >>http://groups.google.com/group/google-web-toolkit?hl=en. > > > > > > > -- > > > > > You received this message because you are subscribed to the Google > > > Groups > > > > > "Google Web Toolkit" group. > > > > > To post to this group, send email to > > > google-web-toolkit@googlegroups.com. > > > > > To unsubscribe from this group, send email to > > > > > google-web-toolkit+unsubscr...@googlegroups.com. > > > > > For more options, visit this group at > > > > >http://groups.google.com/group/google-web-toolkit?hl=en. > > > > > > -- > > > > Renato Beserra Sousa > > > > > -- > > > You received this message because you are subscribed to the Google > Groups > > > "Google Web Toolkit" group. > > > To post to this group, send email to > google-web-toolkit@googlegroups.com. > > > To unsubscribe from this group, send email to > > > google-web-toolkit+unsubscr...@googlegroups.com. > > > For more options, visit this group at > > >http://groups.google.com/group/google-web-toolkit?hl=en. > > > > -- > > Renato Beserra Sousa > > -- > You received this message because you are subscribed to the Google Groups > "Google Web Toolkit" group. > To post to this group, send email to google-web-toolkit@googlegroups.com. > To unsubscribe from this group, send email to > google-web-toolkit+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/google-web-toolkit?hl=en. > > -- Renato Beserra Sousa -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to google-web-toolkit@googlegroups.com. To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.