there have been several posts on RequestFactory security, but I am still not clear. the sample code here: http://code.google.com/p/google-web-toolkit/source/browse/trunk/samples/expenses/src/main/java/com/google/gwt/sample/gaerequest/#gaerequest uses a filter to determine if a user can access the RequestFactory service. But what happens once a user authenticates? does he have access to all back end request? ie, if I have a findById method and a findAll (for my admin users) method in my locator, could a user authenticate, then post to either and receive all the data in my table? How do we authenticate individual types of request?
Thanks. -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To view this discussion on the web visit https://groups.google.com/d/msg/google-web-toolkit/-/vQM_t1c1IeUJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
