hi there, i'm developing an application that came into a common use case when HTML is generated from server side, which is whether to include or not an element in the output based on security constraints applicable for the current user only.
some security frameworks, like the one we're using (apache shiro), provides special jsp / gsp tags to achieve this, like <g:hasPermission("somekey">.... then render component. can you point me some patterns or information to achieve the same thing with GWT? my first approach was to use the constructor of a composite with a security constraint container, so i can do the typical question: if (securityContainer.hasPermission()) { add or show o enable the button..... } else { //no button to push } being the security constraint container a simple JSObject obtained from the server with an rpc service. and only when it is available, the widgets are creted. but this is not only a bad solution, in terms of coding standards but also brings a question: wouldn't the security constraint container be available to a DOM inspector for analysis? some kind of a BIG HOLE in security? i know i can create a secure version of every widget i need to protect, but, the security constraints problem is the same. any ideas would be appreciated. thanks in advance. -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to google-web-toolkit@googlegroups.com. To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.