RE: Re: GWT 1.6.4 (client only)
For org.restlet.gwt the only changes I made were: In GWT.gwt.xml I used only two deps: inherits name=com.google.gwt.json.JSON/ inherits name=com.google.gwt.xml.XML/ And generated the jar with the java files inside. -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1997374
RE: GWT 1.6.4 (client only)
Hi, (I think that I already posted this message anonymously...) I'm trying to understand why the GwtShellServletWrapper doesn't start in hosted mode. It seems to be some classloader problems... Anyway, I found something that I'm feeling it's not right in org.restlet.engine.Engine.java, in the loadClass(String className). In line : result = Class.forName(className); this can result in a ClassNotFoundException that will make the method throw that exception and the last two conditions will never be evaluated. In hosted mode, I'm only having success if I surround this code with a try/catch and ignore the exception. I can load the class with the ClassLoader.getSystemClassLoader() However, in org.restlet.ext.gwt.GwtShellServletWrapper, lines: this.gwtShellServletServiceMethod = this.gwtShellServlet.getClass() .getMethod(service, javax.servlet.ServletRequest.class, javax.servlet.ServletResponse.class); The method cannot be found in the class... that's why I suspect that can be some classloader problems. any hint? -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1997282
RE: Re: Questions about HTTP Authentication
I was looking with the getCredentials... the password is ok on the char[] secret thanks -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1971978
RE: Re: securing the whole application
Just one more question: Let say that I have the resource User.
GET user/{username} - get the user representation identified by {username}
I want to filter the information sent back in the Representation of the user,
for example: Let say the user is authenticated in and he requests his profile
by using GET user/{username}. He can get all the information of the user
profile and even put some modifications back. However if the user is
authenticated, he can get only a limited set of that same information and
cannot put any kind of change.
What is the best approach to deal with this?
One alternative may be to have two different representations: One for
authenticated users and other for not authenticated users? In this case may
we have a Guard, that authenticates the user based on a cookie, for example,
and forward the request to the same restlet but to generate different
representations based on the outcome of the authentication?
May I have your opinions or known best practices around my issue?
--
http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1967653
RE: Re: securing the whole application
Sure it helped. Thanks. -- http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447dsMessageId=1967245
