Hi Duong, The reverse proxy approach is the most flexible as you remove the SOP issues. See the architecture diagrams on this page: http://wiki.restlet.org/docs_2.0/13-restlet/275-restlet/144-restlet/185-rest let.html
However, it does require an extra request and adds some latency. So if you can afford to issue only GET requests and received only JSON entities, then JsonpRequestBuilder is an interesting workaround! I have just entered a RFE to directly support this in Restlet/GWT: "Support cross-domain HTTP/JSON requests in GWT" http://restlet.tigris.org/issues/show_bug.cgi?id=996 Best regards, Jerome Louvel -- Restlet ~ Founder and Lead developer ~ http://www.restlet.org Noelios Technologies ~ Co-founder ~ http://www.noelios.com -----Message d'origine----- De : Duong BaTien [mailto:duong.bat...@gmail.com] Envoyé : lundi 21 décembre 2009 23:02 À : discuss@restlet.tigris.org Objet : Re: need some help with my project design Thanks and keep on with the good works at Restlet. For those interested in the issue, GWT 2.0 seems to offer solution in JsonpRequestBuilder http://google-web-toolkit.googlecode.com/svn/javadoc/2.0/index.html? overview-summary.html Duong BaTien DBGROUPS and BudhNet On Mon, 2009-12-21 at 18:03 +0100, Thierry Boileau wrote: > Hello Duong, > > >Yes, this is what I referred to: Same Origin Policy (SOP) of browser. I > >have explored GWT StockWatcher for cross-site JSONP request/response. > > I wonder if you should instead explore the track of a kinf of reverse > proxy implemented by a Restlet redirector. > The ajax request goes to the redirector (with the target url as a query > parameter for example) which then relays to the target url. > > >I wonder if GWT Reslet client has that facility in place?. > > A ClientResource instance is dedicated to a single resource (ie a single > URI). Thus you can multiply the clientresource/callback pairs. > > > Best regards, > Thierry Boileau > >> Hello Duong, > >> > >>> 1) Whether the Restlet client has the Same Server Origin (SSO) > >>> restriction as with JavaSript? > >>> > >>> > >> Actually, this is at the end pure javascript code, so the restriction > >> applies plainly. > >> see http://code.google.com/p/google-web-toolkit-doc-1-5/wiki/FAQ_SOP > >> > >> > > Yes, this is what I referred to: Same Origin Policy (SOP) of browser. I > > have explored GWT StockWatcher for cross-site JSONP request/response. > > > > > >>> 2) If there is SSO restriction as in the case of JavaScript, are there > >>> facilities to manage request/response from the client to different > >>> servers to make sure that the response coming from its request? > >>> > >> I'm sorry, I'm not sure to fully understand your question. > >> > > > > In that cross-site mashup, one needs a facility to store requested > > callbacks so it can cancel the no-response callback after certain time > > lapsed and identify the callback actually coming from its request. This > > may require a facility more sophisticated than just a HashMap of > > callbacks as shown in GWT StockWatcher. I wonder if GWT Reslet client > > has that facility in place?. > > > >>> Same as the server to make sure that the request comes from legitimate clients? > >>> > >>> > >> Since the server exposes resources to the whole Web, I suppose you are > >> talking about the "authentication" topic. You want the server to check > >> that the incoming request comes from an authenticated client. It can use > >> one of the available authentication mechanism such as HTTP_BASIC, > >> HTTP_DIGEST, HTTP_BASIC+HTTPS, cookies, etc. > >> > > > > It is much more complicated than that. When the server serves a > > resource, it identifies the request with a user profile and its unique > > token. If the user has not been authenticated, then guest Id with > > location may be in the user profile. When user is authenticated, the > > profile is changed accordingly. User second request and/or client state > > maintained at the browser always has the server token so the server know > > the client state, and if required can be directed to Authentication > > process. > > > > I wonder if Restlet and/or anyone has explored this area working with > > GAE. I am also exploring Google Wave where Wave robots are at the Web > > Server served by servlet urls. The web server uses Reslet for resource > > Request/Response to be integrated with Wave server. Any comment in this > > area is appreciated. > > > > Thanks > > Duong BaTien > > DBGROUPS and BudhNet > > > >> Best regards, > >> Thierry Boileau > >> > >> > >> > >>> Thanks > >>> Duong Batien > >>> DBGROUPS and BudhNet > >>> > >>> > >>> On Thu, 2009-12-17 at 09:38 +0100, Thierry Boileau wrote: > >>> > >>> > >>>> Hello Robert, > >>>> > >>>> >Is restlet appropriate for this needs? > >>>> yes, as any other kind of server! > >>>> > >>>> >How would you realize the communication between Client (Javascript) > >>>> and Server (Java) with the help of restlet? > >>>> Ajax, surely. When the user click on the load button, the second frame > >>>> is refreshed and the URL of the target page is sent to the server > >>>> resource by the ajax client (which is better than sending the whole > >>>> document). The targeted resource retrieves the HTML page (which can be > >>>> tidied using *http://tidy.sourceforge.net > >>>> <http://tidy.sourceforge.net/>). The server resource then returns data > >>>> (rdf or xml, or json, etc) to the ajax client in order to refresh the > >>>> main frame. > >>>> > >>>> *So, one server resource either accepting GET request (with a query > >>>> parameter that contains the target URI), or accepting POST requests > >>>> (with the target URI in the body). It returns either RDF, XML, etc > >>>> according to the client preferences. > >>>> > >>>> Best regards, > >>>> Thierry Boileau > >>>> > >>>> > >>>>> Hey! > >>>>> > >>>>> I want to develop a webapplication with the following functionality: > >>>>> > >>>>> 0) overview: http://dl.dropbox.com/u/1266822/overview.jpg > >>>>> > >>>>> 1) The html,css,javascript content is delivered by the server. > >>>>> 2) The page consists of 2 frames. the second one loads the webpages the user wants to open. > >>>>> 3) The server receives the DOM of the loaded page. > >>>>> 4) The client receives data in the form of rdf or xml. > >>>>> > >>>>> > >>>>> Is restlet appropriate for this needs? How would you realize the communication between Client (Javascript) and Server (Java) with the help of restlet? > >>>>> Would be really nice if you could give me a short overview of what I have to take care of. > >>>>> > >>>>> Thanks in advance, > >>>>> Robert > >>>>> > >>>>> ------------------------------------------------------ > >>>>> http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=24308 35 > >>>>> > >>>>> > >>>>> > >>>>> > >>>> ------------------------------------------------------ > >>>> http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=24310 75 > >>>> > >>>> > >>> ------------------------------------------------------ > >>> http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=24312 01 > >>> > >>> > >>> > >> ------------------------------------------------------ > >> http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=24315 15 > >> > > > > ------------------------------------------------------ > > http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=24316 26 > > > > > > ------------------------------------------------------ > http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=24320 40 ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=24320 90 ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2433378
