Events (like Click) not firing when using UiBuilder? SOLVED
I started playing with UiBuilder this evening and I love it, thanks
Google!
I was working through the examples on
http://code.google.com/webtoolkit/doc/latest/DevGuideUiBinder.html#Overview
In the third code block down we see this:
HelloWorld helloWorld = new HelloWorld();
Document.get().getBody().appendChild(helloWorld.getElement());
... which works fine.
Later there is an example with a button that you can click and
apparently the event handling is magically done like this:
@UiHandler(button)
void handleClick(ClickEvent e) {
Window.alert(Hello, AJAX);
}
Clicking the button does nothing! It had me stumped for a while. I
found a few comments in the group saying it wasn't working. Then I
remembered that GWT has a different way of handling events other
than hooking onto raw elements, so of course this won't work:
Document.get().getBody().appendChild(helloWorld.getElement());
The solution is to use:
RootPanel.get().add(helloWorld);
Obvious now!
Paul S
--
You received this message because you are subscribed to the Google Groups
Google Web Toolkit group.
To post to this group, send email to google-web-tool...@googlegroups.com.
To unsubscribe from this group, send email to
google-web-toolkit+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/google-web-toolkit?hl=en.
Re: XHTML does not work?
Switching to XHTML is about changing the doctype of the page, not the file extension. See this: http://www.w3.org/QA/2002/04/valid-dtd-list.html When you say you have updated the references, where? Are you getting something like: HTTP ERROR: 404 NOT_FOUND RequestURI=/index.html Powered by Jetty:// If so then you need to tell browser to hit your new URL. Also go into web.xml and change the default welcome page URL. On Feb 21, 12:33 am, markww mar...@gmail.com wrote: Hi, I want to use an XHTML file instead of an HTML file as the entry page for my project. If I change myproject.HTML to myproject.XHTML, the project no longer works (I updated the other references to .HTML in my project as well). Does gwt just not work with XHTML? Thanks -- You received this message because you are subscribed to the Google Groups Google Web Toolkit group. To post to this group, send email to google-web-tool...@googlegroups.com. To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
Re: custom runtime exception got translated to StatusCodeException
I'm not sure about this one, but basically I do know that the GWT RPC
mechanism needs to know if your RPC services are planning on throwing
an exception. In my code I have the following:
public interface UserService extends RemoteService {
void save(User user) throws ServerSideException;
}
If I don't specify throws ServerSideException then I get Call failed
on the server; check server logs, if I do add throws
ServerSideException I get control of the exception and I can give it a
meaningful message. I'm not sure that this is exactly what you are
facing though?
Paul S
On Feb 20, 11:42 pm, bhomass bhom...@gmail.com wrote:
I got my server side code to throw custom exceptions for a long time
and have a lot of working code to copy from.
this time, I throw a ExpiredSessionException, it got translated to
StatusCodeException. and on the client side, caught.getMessage() is
this huge html fragment, starting with Http Error: 500. the whole
message is too big to display in the error dialog and is unsuitable
for users.
the only difference I can detect is
1. the ExpiredSessionException is not a declared exception,
2. it is throw during the service() call, instead of in one the rpc
methods.
I am not sure what is the cause for loosing my original Exception.
how can I get gwt to throw my own exception and not the
StatusCodeException?
--
You received this message because you are subscribed to the Google Groups
Google Web Toolkit group.
To post to this group, send email to google-web-tool...@googlegroups.com.
To unsubscribe from this group, send email to
google-web-toolkit+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/google-web-toolkit?hl=en.
Small error in UiBuilder doc page
http://code.google.com/webtoolkit/doc/latest/DevGuideUiBinder.html#Overview
contains some getting started examples. In the following styleNames
should be styleName (no s).
g:PushButton styleNames='{style.pretty}'This button doesn't look
like one/g:PushButton
--
You received this message because you are subscribed to the Google Groups
Google Web Toolkit group.
To post to this group, send email to google-web-tool...@googlegroups.com.
To unsubscribe from this group, send email to
google-web-toolkit+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/google-web-toolkit?hl=en.
Re: XHTML does not work?
Oh yeah you're right. GWT development mode just simply scans the war folder for anything ending in .html and then offers those options to you for your convenience. So 2 things to say here, 1. you are not limited to these URLs, you can type anything in your browser 2. GWT plugin just isn't seeing your .xhtml file, doesn't mean it's not there. However, to make everyone happy I'd recommend you change your .xhtml back to .html and then fix up the doctype to be XHTML. Honestly, that's all that counts, not the file extension. In fact try this: 1. run your app 2. right click and view source 3. copy your (x)html source code 4. visit http://validator.w3.org and click the Validate by Direct Input tab 5. paste your source code into there and click validate. If you have provided valid xhtml code it will detect that and tell you. Paul S On Feb 21, 2:29 am, markww mar...@gmail.com wrote: Hi Paul, Yes I set the path in web.xml, so it doesn't have any problem with that, it looks like when I try to run my project as a web app, I get the usual startup sequence, but no URL is provided for me when launch is complete. When I run a project using a .html file, I see this appear in the console: For your convenience, here are some URLs that you may wish to view in development mode. Simply copy/paste a URL below into any suported browser. and normally the url is shown right there, but when using xhtml, no url is shown, that area is just empty. If I run a normal project, I can copy the url, then change it to point to my other project's xhtml file, and it is shown by the browser, but no javascript is executed. I am using Safari so it should be able to handle xhtml documents. I also updated the doc type via the url you had provided. This should be working? Thanks On Feb 20, 3:14 pm, Paul S paulsschw...@gmail.com wrote: Switching to XHTML is about changing the doctype of the page, not the file extension. See this:http://www.w3.org/QA/2002/04/valid-dtd-list.html When you say you have updated the references, where? Are you getting something like: HTTP ERROR: 404 NOT_FOUND RequestURI=/index.html Powered by Jetty:// If so then you need to tell browser to hit your new URL. Also go into web.xml and change the default welcome page URL. On Feb 21, 12:33 am, markww mar...@gmail.com wrote: Hi, I want to use an XHTML file instead of an HTML file as the entry page for my project. If I change myproject.HTML to myproject.XHTML, the project no longer works (I updated the other references to .HTML in my project as well). Does gwt just not work with XHTML? Thanks -- You received this message because you are subscribed to the Google Groups Google Web Toolkit group. To post to this group, send email to google-web-tool...@googlegroups.com. To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
Re: tomcat and apache problem
So basically you are trying to serve up 2 things. An app from Tomcat and some other web content from Apache server? Firstly, can't the other content be served from Tomcat too? That way you could just stop your Apache server from running, then configure Tomcat to load up on port 80 (default for http) and that way no one will every know they're hitting a Tomcat server. Or, there is an Apache server module, I forgot the name, but is allows you to specify that any normal request goes to the http server and then any request at /j/* gets pushed along to the Tomcat server. I'm hazy on the details but have seen it working before and I don't think it's using a proxy in the way you are. Could work? On Feb 16, 12:47 am, Fran fra...@gmail.com wrote: Hello, I need your help about GWT integration in apache and tomcat. I have a GWT aplication that has server side. This server side is listening in 8081 port at tomcat. I need that the client side be in apache that is listening in port 80, so I need call server side at port 8081 of tomcat. How can I do? If I run the aplication int tomcat, its works fine. But If I run the aplication in apache, the server side dont work. Help me please Thanks -- You received this message because you are subscribed to the Google Groups Google Web Toolkit group. To post to this group, send email to google-web-tool...@googlegroups.com. To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
Re: XHTML does not work?
That is pretty curious that the svg would load just because you have .xhtml as the file extension instead of .html, I have never used svg so this may very well be true and I'm showing my ignorance. About the validator, it's not the Holy Grail, code validation is very handy and a good discipline to keep, but sometimes you just can't make your code validate simply because you are using a modern spec that is unsupported or some browser specific feature. I see http://jwatt.org/svg/demos/xhtml-with-inline-svg.xhtml does have .xhtml on the end. Hmm. Well, stick with your .xhtml extension, and live with the fact that GWT's plugin will not offer you the convenient link? What you could do is just manually type the production mode link into your browser and then bookmark that... oh, having said that, perhaps the production mode browser plugin will not accept non-html extensions? Is the SVG something that GWT interacts with? On Feb 21, 2:56 am, markww mar...@gmail.com wrote: Hmm ok I see what you're saying. I'm trying to include an svg element in my document. If I use the xhtml doc type template you linked to, I get it validated 100% in that validator you mentioned. Now I try adding a simple svg element and it failes. When I add my svg stuff to it, the validation fails. But I'm adding it as specified from the mozilla page on svg:http://jwatt.org/svg/demos/xhtml-with-inline-svg.xhtml when I leave this document as .html, no svg elements are rendered. When switching to .xhtml, then the browsers render it. I know this out of scope of GWT, just throwing it out there! Thanks for your help! On Feb 20, 3:35 pm, Paul S paulsschw...@gmail.com wrote: Oh yeah you're right. GWT development mode just simply scans the war folder for anything ending in .html and then offers those options to you for your convenience. So 2 things to say here, 1. you are not limited to these URLs, you can type anything in your browser 2. GWT plugin just isn't seeing your .xhtml file, doesn't mean it's not there. However, to make everyone happy I'd recommend you change your .xhtml back to .html and then fix up the doctype to be XHTML. Honestly, that's all that counts, not the file extension. In fact try this: 1. run your app 2. right click and view source 3. copy your (x)html source code 4. visithttp://validator.w3.organdclick the Validate by Direct Input tab 5. paste your source code into there and click validate. If you have provided valid xhtml code it will detect that and tell you. Paul S On Feb 21, 2:29 am, markww mar...@gmail.com wrote: Hi Paul, Yes I set the path in web.xml, so it doesn't have any problem with that, it looks like when I try to run my project as a web app, I get the usual startup sequence, but no URL is provided for me when launch is complete. When I run a project using a .html file, I see this appear in the console: For your convenience, here are some URLs that you may wish to view in development mode. Simply copy/paste a URL below into any suported browser. and normally the url is shown right there, but when using xhtml, no url is shown, that area is just empty. If I run a normal project, I can copy the url, then change it to point to my other project's xhtml file, and it is shown by the browser, but no javascript is executed. I am using Safari so it should be able to handle xhtml documents. I also updated the doc type via the url you had provided. This should be working? Thanks On Feb 20, 3:14 pm, Paul S paulsschw...@gmail.com wrote: Switching to XHTML is about changing the doctype of the page, not the file extension. See this:http://www.w3.org/QA/2002/04/valid-dtd-list.html When you say you have updated the references, where? Are you getting something like: HTTP ERROR: 404 NOT_FOUND RequestURI=/index.html Powered by Jetty:// If so then you need to tell browser to hit your new URL. Also go into web.xml and change the default welcome page URL. On Feb 21, 12:33 am, markww mar...@gmail.com wrote: Hi, I want to use an XHTML file instead of an HTML file as the entry page for my project. If I change myproject.HTML to myproject.XHTML, the project no longer works (I updated the other references to .HTML in my project as well). Does gwt just not work with XHTML? Thanks -- You received this message because you are subscribed to the Google Groups Google Web Toolkit group. To post to this group, send email to google-web-tool...@googlegroups.com. To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
Re: GWT 2.0 and Eclipse, Project redeployment
Rajeev, please elaborate on this. I thought is was just part of the fact that we had to restart the server if functionality there changed. Would be very nice if server code could be hot swapped. Naturally I would think that changes to web.xml and so on would require a server restart, but that's to be expected. So you are saying that normal Java code in the server side servlets can be changed? Please give a bit more instruction on how to do this (I'm using GWT 2 in Eclipse). Thanks Paul On Feb 18, 7:27 pm, Rajeev Dayal rda...@google.com wrote: How are you restarting the server? Are you using the Restart Server option in the Development Mode view? Also, if you are running your launch configuration using Debug (not Run), and you've set Eclipse to Build Automatically, then server-side changes should be hotswapped in most cases. On Thu, Feb 18, 2010 at 10:44 AM, paata paata...@gmail.com wrote: Hi all, I'm newbie on gwt. I've eclipse gwt project with smartgwt. When i make changes on client side code, changes appeard after saving, but when i make changes on server side (change anything into servlet method ) it is required to restart server. I need redeployment not server restart Restart needs long time, approximately 3-4 minute. any idea? regards paata -- You received this message because you are subscribed to the Google Groups Google Web Toolkit group. To post to this group, send email to google-web-tool...@googlegroups.com. To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.comgoogle-web-toolkit%2Bunsubs cr...@googlegroups.com . For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en. -- You received this message because you are subscribed to the Google Groups Google Web Toolkit group. To post to this group, send email to google-web-tool...@googlegroups.com. To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
Best practices/ideas for GWT with Spring Security (or equivalent)
here, don't lose my session!. The problem with this is that we are solving the problem by overcoming the session time out problem. That's ok but not really what we want - not to mention some purists would say that this is an abuse of the session timeout function. I'm not sure where I sit on that argument, because session timeout does two things - 1. ensure that if you walk away from your computer and then later a rogue colleague sits are you computer, the system protects itself by having timed out and requiring login again, assuming an hour elapsed. 2. allows the server a way to garbage collect old sessions so it's memory isn't taken up by session information from last week/month/year. If 2. is all you care about then the server ping approach works fine. 4. With Ajax - logging in using an RPC call This would be the silver bullet, wouldn't it? I doubt (though maybe I am wrong) that you could employ the traditional style of protection/ login as mentioned in 2. to protect your host page /admin.html and then if successfully logged in you gain access to the host page and all of the RPC calls as well, but when your session expires you get the nice, pretty, GWT popup that then does its second login via an RPC call?! This would require that the URL of your RPC login service would have to have public access, but all your business services would need Admin access. The advantages here are - admin app is protected - RPC calls are protected - if session times out and you attempt an RPC call then your onFailure code would know to show you the login popup - if you successfully login then the popup hides and you may continue with your work. Page state/work flow was never interrupted. At worst you'll need to repeat your last action, which may be clicking Save again, or whatever, I don't know if we could get the RPC call Request to replay automatically, your thoughts? If this is possible then please share. If it is not, then I would still like to explore the authentication over RPC technique, and would be happy to forego having the /admin.html page protected. Like I said, in most apps it is the interaction with the server that must be protected, it is not crucial to protect your Javascript application code. (unless it is ;) ). I hope this helps someone, and in return I hope someone can help me with approach number 4. Note that approach number 4 will require some server side set up, so will require some Spring-specific modifications/ changes of default behaviour. Happy coding, Paul S -- You received this message because you are subscribed to the Google Groups Google Web Toolkit group. To post to this group, send email to google-web-tool...@googlegroups.com. To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
Re: Best practices/ideas for GWT with Spring Security (or equivalent)
addendum: my session expired whilst writing this!
On Feb 19, 1:07 pm, Paul S paulsschw...@gmail.com wrote:
I would like to debate some ideas for how to secure GWT apps in
different ways and their pros and cons. It is important to remember
that there will be different needs and so different approaches will be
more suitable in certain cases, but I just want to be aware of what
people are doing.
I am using Spring Security because it is excellent, and whilst I am
aware that there are many other solutions available this is not the
focus here, so I'll just call it Security from here on.
Security offers protection of URLs and also some more fancy AOP style
protection like protection of specific functions. To keep things
simple here lets just look at protection of URLs.
1. Without Ajax - Protecting URLs that relate to pages
Before the days of Ajax where a URL effectively corresponds to a state
you can see how the model becomes straight forward. Adam accesses /
home.html, it loads and Adam gets to read a bunch of content. At this
point Adam is considered to be a Guest. Adam is curious about a link
called Administration, when he clicks it he is sending a Request.
That Request has some header info embedded in it (which the user never
sees but you can see if with Firebug or whatever). Sadly Adam is not
signed in so Security redirects him to a login page, but remembers
everything about that original Request. Adam suddenly remembers he
does have a user name and password so he logs in. Security processes
his login and then redirects him to the exact equivalent of what would
have been the original Request. Adam is happy because his work flow
continued seamlessly despite being asked to login.
(Ok, Spring Security can be configured to replay the original Request
upon successful login (default), or it can be forced to send you to a
particular default login success page. If you use the latter then
Adam's work flow will not be seamless because his original request for
the Administration page has been forgotten. Though sometimes you
might need a set up like this?)
Now Ajax comes along, and in particular I'm going to talk about GWT
here but the principles apply.
2.a. With Ajax - but still protecting URLs that relate to pages
If we use Security to protect the URL of container page (in GWT that's
the page that hosts the bootstrap javascript code for your GWT app)
then, just like normal if Adam visits /home.html he will be able to
read the content on that page. The Administration link has been
modified to take you to /admin.html which is in fact the host page the
GWT administrator module. Adam clicks Administration which Security
knows requires the Admin role so he is redirected to the login page.
Adam logs in and whether Security is configured to play back the exact
Request or whether you specifically move the browser along to /
admin.html, at this point doesn't matter. Adam is now looking at a
fully loaded GWT application. Lets say also that Security is told to
protect every GWT RPC call. Well Adam is logged in so he is allowed
access to the server services via GWT RPC and all goes smoothly...
until Adam leaves his computer for an hour and comes back to continue
his work. When the next server call that occurs is met by Security who
says, since your session has expired you are not logged in, so I'm
going to redirect you to the login page. XmlHttpRequest obeys the 30x
response code which is telling it to actually load the resource at /
login.html. In GWT this amounts to an InvocationException where the
error message content is your /login.html page markup. That's no good!
The XHR cannot interpret this as your browser would, so what to do?
The answer is pretty straightforward here. Design your /login.html
page to contain a text token that you can search for. So for example
in my /login.html code I have places an html comment right at the top
like this
!-- SECURITY-LOGIN-PAGE --
so when the browser hits the /login.html page it just looks like a
regular login page. But when the RPC call encounters this
InvocationTarget exception I have an onFailure handler that looks like
this:
public void onFailure(Throwable t) {
if (t instanceof InvocationException){
if
(t.getMessage().split(!--\\s*SECURITY-LOGIN-PAGE\\s*--).length 1){
onLoginRequested();
} else {...}
} else {...}
}
My onLoginRequested() method could be any of a few styles. The most
obvious is to have it call a native method that looks like this:
private native void redirectToLogin() /*-{
$wnd.location.replace(/login.html);
}-*/;
Now at this point we have to get clear on the behaviour of Security
with regard to where it redirects the browser after successful login.
In this case you would have to specify that it ALWAYS redirects you
to /admin.html so that when Adam signs in again he is taken back into
the Administration app
Re: Best practices/ideas for GWT with Spring Security (or equivalent)
I got some ideas from Kent
http://stackoverflow.com/questions/1013032/programmatic-use-of-spring-security
who in turn got some ideas from Spring Security 3 Technical Overview
http://static.springsource.org/spring-security/site/docs/3.0.x/reference/technical-overview.html#d4e689
I now have a set up that resembles Scenario 4.
In my current set up Spring Security is still configured to respond
with a valid html form at /login.html (with my !-- SECURITY-LOGIN-
PAGE -- token hidden in it). So both page requests and XHR Ajax
requests are subject to Spring Security's declarative set up. Whether
I arrive at the host page and am not authenticated, or if I
authenticate and then after my session has timed out I try to call an
RPC service, I will be met with the /login.html contents as the
response. Ok, so the only trick now is that in my GWT app if I get an
InvocationException that equates to Spring Security trying to redirect
me to the /login.html page then I simply show a nice looking GWT popup
that looks like this:
Sorry, your session seems to have expired
Username: __
Password: __
Login
And when the user clicks Login an RPC call to the server is shot off
that looks a bit like this:
public interface LoginService extends RemoteService {
boolean login(String username, String password);
}
Note that the boolean it returns isn't the real business here. The
real business is that we now have an authenticated session on the
server. The boolean returned just tells our GWT app to hide the popup
(if true) or keep showing it and tell the user to try log in again (if
false). That's all.
On the server I then have a service implementation that performs the
login very similarly to what Kent has done:
@Override
public boolean login(String username, String password) {
log.debug(Authentication attempt: + username + +
password);
try {
Authentication request = new
UsernamePasswordAuthenticationToken(
username, password);
Authentication result =
authenticationManager.authenticate(request);
SecurityContextHolder.getContext().setAuthentication(result);
} catch (AuthenticationException e) {
log.info(Authentication failed: + e.getMessage());
return false;
}
log.info(Authentication success: +
SecurityContextHolder.getContext()
.getAuthentication());
return true;
}
... where authenticationManager is injected by Spring. To show you
exactly where I am getting authenticationManager from, here's my
context configuration:
authentication-manager alias=authenticationManager
authentication-provider
password-encoder hash=md5 /
jdbc-user-service data-source-ref=dataSource /
/authentication-provider
/authentication-manager
I am still undecided whether it is right to have two logins,
1. The initial login (traditional web login that moves me from /
home.html -- /login.html --(login success)-- /admin.html)
2. A secondary login that happens over RPC that provides a quick,
convenient login via an Ajax popup, such that it doesn't interrupt
your workflow
The second is exactly what I wanted all along! Is the first redundant?
Or is it just as well to have it. i.e. 1. protects your web app code
(well the host page), 2. protects the good bits (RPC calls!!!)
--
You received this message because you are subscribed to the Google Groups
Google Web Toolkit group.
To post to this group, send email to google-web-tool...@googlegroups.com.
To unsubscribe from this group, send email to
google-web-toolkit+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/google-web-toolkit?hl=en.
Re: Best practices/ideas for GWT with Spring Security (or equivalent)
Oops, forgot to mention, don't protect the URL that corresponds to the
RPC login service!
Like this:
intercept-url pattern=/**/login.rpc access=permitAll /
intercept-url pattern=/**/*.rpc access=isAuthenticated() /
On Feb 19, 5:28 pm, Paul S paulsschw...@gmail.com wrote:
I got some ideas from
Kenthttp://stackoverflow.com/questions/1013032/programmatic-use-of-spring...
who in turn got some ideas from Spring Security 3 Technical
Overviewhttp://static.springsource.org/spring-security/site/docs/3.0.x/refere...
I now have a set up that resembles Scenario 4.
In my current set up Spring Security is still configured to respond
with a valid html form at /login.html (with my !-- SECURITY-LOGIN-
PAGE -- token hidden in it). So both page requests and XHR Ajax
requests are subject to Spring Security's declarative set up. Whether
I arrive at the host page and am not authenticated, or if I
authenticate and then after my session has timed out I try to call an
RPC service, I will be met with the /login.html contents as the
response. Ok, so the only trick now is that in my GWT app if I get an
InvocationException that equates to Spring Security trying to redirect
me to the /login.html page then I simply show a nice looking GWT popup
that looks like this:
Sorry, your session seems to have expired
Username: __
Password: __
Login
And when the user clicks Login an RPC call to the server is shot off
that looks a bit like this:
public interface LoginService extends RemoteService {
boolean login(String username, String password);
}
Note that the boolean it returns isn't the real business here. The
real business is that we now have an authenticated session on the
server. The boolean returned just tells our GWT app to hide the popup
(if true) or keep showing it and tell the user to try log in again (if
false). That's all.
On the server I then have a service implementation that performs the
login very similarly to what Kent has done:
@Override
public boolean login(String username, String password) {
log.debug(Authentication attempt: + username + +
password);
try {
Authentication request = new
UsernamePasswordAuthenticationToken(
username, password);
Authentication result =
authenticationManager.authenticate(request);
SecurityContextHolder.getContext().setAuthentication(result);
} catch (AuthenticationException e) {
log.info(Authentication failed: + e.getMessage());
return false;
}
log.info(Authentication success: +
SecurityContextHolder.getContext()
.getAuthentication());
return true;
}
... where authenticationManager is injected by Spring. To show you
exactly where I am getting authenticationManager from, here's my
context configuration:
authentication-manager alias=authenticationManager
authentication-provider
password-encoder hash=md5 /
jdbc-user-service data-source-ref=dataSource /
/authentication-provider
/authentication-manager
I am still undecided whether it is right to have two logins,
1. The initial login (traditional web login that moves me from /
home.html -- /login.html --(login success)-- /admin.html)
2. A secondary login that happens over RPC that provides a quick,
convenient login via an Ajax popup, such that it doesn't interrupt
your workflow
The second is exactly what I wanted all along! Is the first redundant?
Or is it just as well to have it. i.e. 1. protects your web app code
(well the host page), 2. protects the good bits (RPC calls!!!)
--
You received this message because you are subscribed to the Google Groups
Google Web Toolkit group.
To post to this group, send email to google-web-tool...@googlegroups.com.
To unsubscribe from this group, send email to
google-web-toolkit+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/google-web-toolkit?hl=en.
Re: Best practices/ideas for GWT with Spring Security (or equivalent)
This is very interesting
http://seewah.blogspot.com/2009/02/gwt-and-spring-security.html
But comparing See Wah's code, and what I have it looks like mine is
less invasive. In fact I haven't had to do anything to my *ServiceImpl
classes, except to set them up for Spring. I think the key differences
are:
- See Wah uses an Exception to let the client know that you are not
authenticated
- I use a regular page redirect and have to scan for a special token
!-- SECURITY-LOGIN-PAGE --
- See Wah's code allows you to have protection for your RPC calls
- My code allows you to have protection for regular URLs (e.g. /
admin.html), and RPC URLs, and method invocations
- See Wah's code requires you to authenticate yourself via an RPC call
- My code allows you to authenticate yourself via a regular /
login.html page, but then once you're in the GWT app, if your session
expires you are offered an Ajax style login (like See Wah's).
I guess I'm homing in on what I would consider to be my choice of
approach. Keep those thousands of responses coming, folks! ;)
On Feb 19, 5:32 pm, Paul S paulsschw...@gmail.com wrote:
Oops, forgot to mention, don't protect the URL that corresponds to the
RPC login service!
Like this:
intercept-url pattern=/**/login.rpc access=permitAll /
intercept-url pattern=/**/*.rpc access=isAuthenticated() /
On Feb 19, 5:28 pm, Paul S paulsschw...@gmail.com wrote:
I got some ideas from
Kenthttp://stackoverflow.com/questions/1013032/programmatic-use-of-spring...
who in turn got some ideas from Spring Security 3 Technical
Overviewhttp://static.springsource.org/spring-security/site/docs/3.0.x/refere...
I now have a set up that resembles Scenario 4.
In my current set up Spring Security is still configured to respond
with a valid html form at /login.html (with my !-- SECURITY-LOGIN-
PAGE -- token hidden in it). So both page requests and XHR Ajax
requests are subject to Spring Security's declarative set up. Whether
I arrive at the host page and am not authenticated, or if I
authenticate and then after my session has timed out I try to call an
RPC service, I will be met with the /login.html contents as the
response. Ok, so the only trick now is that in my GWT app if I get an
InvocationException that equates to Spring Security trying to redirect
me to the /login.html page then I simply show a nice looking GWT popup
that looks like this:
Sorry, your session seems to have expired
Username: __
Password: __
Login
And when the user clicks Login an RPC call to the server is shot off
that looks a bit like this:
public interface LoginService extends RemoteService {
boolean login(String username, String password);
}
Note that the boolean it returns isn't the real business here. The
real business is that we now have an authenticated session on the
server. The boolean returned just tells our GWT app to hide the popup
(if true) or keep showing it and tell the user to try log in again (if
false). That's all.
On the server I then have a service implementation that performs the
login very similarly to what Kent has done:
@Override
public boolean login(String username, String password) {
log.debug(Authentication attempt: + username + +
password);
try {
Authentication request = new
UsernamePasswordAuthenticationToken(
username, password);
Authentication result =
authenticationManager.authenticate(request);
SecurityContextHolder.getContext().setAuthentication(result);
} catch (AuthenticationException e) {
log.info(Authentication failed: + e.getMessage());
return false;
}
log.info(Authentication success: +
SecurityContextHolder.getContext()
.getAuthentication());
return true;
}
... where authenticationManager is injected by Spring. To show you
exactly where I am getting authenticationManager from, here's my
context configuration:
authentication-manager alias=authenticationManager
authentication-provider
password-encoder hash=md5 /
jdbc-user-service data-source-ref=dataSource /
/authentication-provider
/authentication-manager
I am still undecided whether it is right to have two logins,
1. The initial login (traditional web login that moves me from /
home.html -- /login.html --(login success)-- /admin.html)
2. A secondary login that happens over RPC that provides a quick,
convenient login via an Ajax popup, such that it doesn't interrupt
your workflow
The second is exactly what I wanted all along! Is the first redundant?
Or is it just as well to have it. i.e. 1. protects your web app
Re: GWT 2 using Eclipse with plugin and Spring
Almost... Just tidying a few things before I shared it. On Feb 16, 4:23 pm, maks makspaniza...@gmail.com wrote: Hi, Do you have a working on example on how to use the GWT + GWT-SL + Gilead + Spring? On Feb 16, 5:52 pm, Paul Grenyer paul.gren...@gmail.com wrote: Hi On Tue, Feb 16, 2010 at 9:49 AM, olivier nouguier olivier.nougu...@gmail.com wrote: You're are definitely rigth on those 2 points. not OPs issue: in fact it's rather a Maven/GEP issue. file must be copied in WEB-INF/lib: just for the dev mode. Thanks you and I apologize for the confusion (but as an early maven user I tend to suppose that everybody uses maven ... ) Nah, real programmers see Maven for what it really is. ;-) -- Thanks Paul Paul Grenyer e: paul.gren...@gmail.com b: paulgrenyer.blogspot.com -- You received this message because you are subscribed to the Google Groups Google Web Toolkit group. To post to this group, send email to google-web-tool...@googlegroups.com. To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
GWT 2 using Eclipse with plugin and Spring
I have a fresh project that I've started to test GWT 2.0.2 with Spring 3. I am using the Eclipse GWT plugin and am using the in-built Jetty server that is enabled by default for hosted mode. GWT creates a web.xml file inside WEB-INF. I opened this up to add some extra Spring functionality to the server side. Some really basic that is causing me such a headache is the applicationContext.xml loading. Inside my web.xml I have put web-app ... listener listener-class org.springframework.web.context.ContextLoaderListener /listener-class /listener ... /web-app which by default expects to find applicationContext.xml inside WEB- INF. The file is there. If I remove it I get an error to the effect that the file could not be found. So by placing a file by that name in the right place that error goes away. Progress. Now In that file I have put some skeleton code that I believe is a valid spring application context file. When I click the green play button in Eclipse (run) I get the following, not very helpful, warning message on the console. The reason I say it's not helpful is because org.springframework.web.context.ContextLoaderListener very much exists and is accessible to the container. If I put it on the classpath it tries to run the main method which is not right. But from previous projects I understand that it being in the WEB-INF/lib folder is the right place. So it is my belief that something is failing silently and then instead this message pops up: [WARN] Could not instantiate listener org.springframework.web.context.ContextLoaderListener java.lang.ClassNotFoundException: org.springframework.web.context.ContextLoaderListener at java.net.URLClassLoader$1.run(Unknown Source) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source) at java.lang.ClassLoader.loadClass(Unknown Source) at org.mortbay.util.Loader.loadClass(Loader.java:91) at org.mortbay.util.Loader.loadClass(Loader.java:71) at org.mortbay.jetty.handler.ContextHandler.loadClass(ContextHandler.java: 1036) at org.mortbay.jetty.webapp.WebXmlConfiguration.initListener(WebXmlConfiguration.java: 629) at org.mortbay.jetty.webapp.WebXmlConfiguration.initWebXmlElement(WebXmlConfiguration.java: 367) at org.mortbay.jetty.webapp.WebXmlConfiguration.initialize(WebXmlConfiguration.java: 289) at org.mortbay.jetty.webapp.WebXmlConfiguration.configure(WebXmlConfiguration.java: 222) at com.google.gwt.dev.ServletValidator.create(ServletValidator.java: 69) at com.google.gwt.dev.ServletValidator.create(ServletValidator.java: 52) at com.google.gwt.dev.DevMode.doSlowStartup(DevMode.java:356) at com.google.gwt.dev.DevModeBase.startUp(DevModeBase.java:1057) at com.google.gwt.dev.DevModeBase.run(DevModeBase.java:783) at com.google.gwt.dev.DevMode.main(DevMode.java:275) I'm wondering if it's a Jetty thing? Or GWT web.xml content restrictions? Really not sure, please help! -- You received this message because you are subscribed to the Google Groups Google Web Toolkit group. To post to this group, send email to google-web-tool...@googlegroups.com. To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
Re: GWT 2 using Eclipse with plugin and Spring
I believe so, I downloaded spring 3 and the actual jar in question would be this one: org.springframework.web-3.0.0.RELEASE.jar However, in my frustration I just copied ALL the springframework modules and pasted them into my WEB-INF/lib folder just to be sure, but still the same issue. Normally ClassNotFoundException is easy to solve, as a last resort I go to findjar.com and download the nearest match. But this one is strange. I used to develop using a GWT + GWT-SL + Gilead + Spring + Hibernate + Tomcat stack and all went smoothly, but now I'm not sure what the offending component is. On Feb 15, 7:56 pm, Paul Grenyer paul.gren...@gmail.com wrote: Hi [WARN] Could not instantiate listener org.springframework.web.context.ContextLoaderListener java.lang.ClassNotFoundException: org.springframework.web.context.ContextLoaderListener Have you got all the necessary Spring JARs in WEB-INF/lib? -- Thanks Paul Paul Grenyer e: paul.gren...@gmail.com b: paulgrenyer.blogspot.com -- You received this message because you are subscribed to the Google Groups Google Web Toolkit group. To post to this group, send email to google-web-tool...@googlegroups.com. To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
Re: GWT 2 using Eclipse with plugin and Spring
Any further thoughts on this from anyone? It seems a lot like a problem between Jetty (imposed by GWT) and Spring 3.0, but then how is it possible that I am the only one/first one to face this issue? My actual project code is very simple so I've managed to isolate the problem down to Jetty not wanting to load an applicationContext.xml file. Any idea? I can put my code up if anyone can tell me what they need to see? Thanks, Paul On Feb 15, 8:02 pm, Paul S paulsschw...@gmail.com wrote: I believe so, I downloaded spring 3 and the actual jar in question would be this one: org.springframework.web-3.0.0.RELEASE.jar However, in my frustration I just copied ALL the springframework modules and pasted them into my WEB-INF/lib folder just to be sure, but still the same issue. Normally ClassNotFoundException is easy to solve, as a last resort I go to findjar.com and download the nearest match. But this one is strange. I used to develop using a GWT + GWT-SL + Gilead + Spring + Hibernate + Tomcat stack and all went smoothly, but now I'm not sure what the offending component is. On Feb 15, 7:56 pm, Paul Grenyer paul.gren...@gmail.com wrote: Hi [WARN] Could not instantiate listener org.springframework.web.context.ContextLoaderListener java.lang.ClassNotFoundException: org.springframework.web.context.ContextLoaderListener Have you got all the necessary Spring JARs in WEB-INF/lib? -- Thanks Paul Paul Grenyer e: paul.gren...@gmail.com b: paulgrenyer.blogspot.com -- You received this message because you are subscribed to the Google Groups Google Web Toolkit group. To post to this group, send email to google-web-tool...@googlegroups.com. To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
Re: GWT 2 using Eclipse with plugin and Spring
) at org.mortbay.jetty.webapp.WebAppContext.startContext(WebAppContext.java: 1220) at org.mortbay.jetty.handler.ContextHandler.doStart(ContextHandler.java: 513) at org.mortbay.jetty.webapp.WebAppContext.doStart(WebAppContext.java: 448) at com.google.gwt.dev.shell.jetty.JettyLauncher $WebAppContextWithReload.doStart(JettyLauncher.java:447) at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java: 39) at org.mortbay.jetty.handler.HandlerWrapper.doStart(HandlerWrapper.java: 130) at org.mortbay.jetty.handler.RequestLogHandler.doStart(RequestLogHandler.java: 115) at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java: 39) at org.mortbay.jetty.handler.HandlerWrapper.doStart(HandlerWrapper.java: 130) at org.mortbay.jetty.Server.doStart(Server.java:222) at org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java: 39) at com.google.gwt.dev.shell.jetty.JettyLauncher.start(JettyLauncher.java: 543) at com.google.gwt.dev.DevMode.doStartUpServer(DevMode.java:421) at com.google.gwt.dev.DevModeBase.startUp(DevModeBase.java:1035) at com.google.gwt.dev.DevModeBase.run(DevModeBase.java:783) at com.google.gwt.dev.DevMode.main(DevMode.java:275) On Feb 15, 9:51 pm, Paul S paulsschw...@gmail.com wrote: Any further thoughts on this from anyone? It seems a lot like a problem between Jetty (imposed by GWT) and Spring 3.0, but then how is it possible that I am the only one/first one to face this issue? My actual project code is very simple so I've managed to isolate the problem down to Jetty not wanting to load an applicationContext.xml file. Any idea? I can put my code up if anyone can tell me what they need to see? Thanks, Paul On Feb 15, 8:02 pm, Paul S paulsschw...@gmail.com wrote: I believe so, I downloaded spring 3 and the actual jar in question would be this one: org.springframework.web-3.0.0.RELEASE.jar However, in my frustration I just copied ALL the springframework modules and pasted them into my WEB-INF/lib folder just to be sure, but still the same issue. Normally ClassNotFoundException is easy to solve, as a last resort I go to findjar.com and download the nearest match. But this one is strange. I used to develop using a GWT + GWT-SL + Gilead + Spring + Hibernate + Tomcat stack and all went smoothly, but now I'm not sure what the offending component is. On Feb 15, 7:56 pm, Paul Grenyer paul.gren...@gmail.com wrote: Hi [WARN] Could not instantiate listener org.springframework.web.context.ContextLoaderListener java.lang.ClassNotFoundException: org.springframework.web.context.ContextLoaderListener Have you got all the necessary Spring JARs in WEB-INF/lib? -- Thanks Paul Paul Grenyer e: paul.gren...@gmail.com b: paulgrenyer.blogspot.com -- You received this message because you are subscribed to the Google Groups Google Web Toolkit group. To post to this group, send email to google-web-tool...@googlegroups.com. To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
Re: GWT 1.5.3 with Eclipse
with the maven archetype you can import a project in two steps... = http://gwt-maven.googlecode.com/svn/docs/maven-googlewebtoolkit2-plugin/archetype.html = mvn archetype:create -DarchetypeGroupId=com.totsp.gwt \ -DarchetypeArtifactId=maven-googlewebtoolkit2-archetype \ -DarchetypeVersion=1.0.3 \ -DremoteRepositories=http://gwt-maven.googlecode.com/svn/trunk/mavenrepo \ -DgroupId=myGroupId \ -DartifactId=myArtifactId = ./projectCreator -eclipse myArtifactId -out myArtifactId = i'm using eclipse 3.4.1 with maven integration for my builds and dependency management, any ant projects are just wrapped... cheers paul On 12/09/2008 03:47 PM, pgoovaerts wrote: Hi, After a session at Devoxx, Antwerp, i got interested in GWT. I'm using Eclipse-IDE for java and web programming, so i'm searching for an eclipse-plug-in to test GWT with this current IDE. Who can give my a link for such? Any good starting points? Manuals / turorials? thanks. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Google Web Toolkit group. To post to this group, send email to Google-Web-Toolkit@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/Google-Web-Toolkit?hl=en -~--~~~~--~~--~--~---
