Well, on the client (browser), there's no security at all. Security (that is, protecting your site from the user), is impossible. If you just mean disabling buttons or changing parts of the page, then you can just pass back permissions to do that. It doesn't guarantee anything, of course.
If you mean on the server, GWT requests are web requests. So you intercept them with the filter (shown in my post). If you mean something else, let me know. -- You received this message because you are subscribed to the Google Groups "Google App Engine for Java" group. To view this discussion on the web visit https://groups.google.com/d/msg/google-appengine-java/-/U6-P-0mm1HkJ. To post to this group, send email to google-appengine-java@googlegroups.com. To unsubscribe from this group, send email to google-appengine-java+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine-java?hl=en.