You could load your user credentials on app start and then set UI controls visible/invisible based on the users credentials. But that only makes the UI nice for the user. You still have to check for the same credentials on your server so that your server disallows any server actions that the user has no permissions for. E.g. when a user can not create a person the "create person" button is hidden in the UI and the server will disallow any "create person" action as well.
You can search this group and you will find lots of threads regarding general app security, authentication and authorization. -- J. -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/google-web-toolkit?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
