Thanks Joseph for sharing your experiences. I have a question regards this, for example you have a button that is enabled to *ADD_ITEM. *Do you extends GWT compents for show for some 'actions' or make some if statements?
Is a simple question, but is nice to know how deal with this. The extend of component is more concise but we need to customize N components for example and the other way make the code complex to mantain. Thanks 2012/6/13 Joseph Lust <lifeofl...@gmail.com> > I'm sure other folks' examples will differ, but we did the following: > > > 1. Entitlements set as an Enum like *enum UserEntitlement { VIEW_HOME, > VIEW_ITEM, ADD_ITEM, DELETE_ITEM }* > 2. On user login, *UserEntitlement[] *fetch sent from backend to > client > 3. Restricted UI elements are enabled based on the entitlements found > in (2) > 4. When RPC's are done, Spring Method level security used to confirm > that the user has the proper entitlement to run that method > > > Basically the nice part is just using the annotations to secure remote > methods and the concomitant alteration of the UI based on the user > entitlements. > > I did not mention using Spring to restrict access to files since GWT > pushes the entire compiled application to the client first. Because of > this, there really are not pages to protect, just RPC's with method level > security, in case someone spoofs their entitlements on the client side. > > > Sincerely, > Joseph > > -- > You received this message because you are subscribed to the Google Groups > "Google Web Toolkit" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/google-web-toolkit/-/PZHZgoV_A84J. > To post to this group, send email to google-web-toolkit@googlegroups.com. > To unsubscribe from this group, send email to > google-web-toolkit+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/google-web-toolkit?hl=en. > -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to google-web-toolkit@googlegroups.com. To unsubscribe from this group, send email to google-web-toolkit+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.