Re: GWT & Spring Security

Wed, 13 Jun 2012 08:33:02 -0700 

Thanks Joseph for sharing your experiences.

I have a question regards this, for example you have a button that is
enabled to *ADD_ITEM. *Do you extends GWT compents for show for some
'actions' or make some if statements?

Is a simple question, but is nice to know how deal with this. The extend of
component is more concise but we need to customize N components for example
and the other way make the code complex to mantain.

Thanks

2012/6/13 Joseph Lust <lifeofl...@gmail.com>

> I'm sure other folks' examples will differ, but we did the following:
>
>
>    1. Entitlements set as an Enum like *enum UserEntitlement { VIEW_HOME,
>    VIEW_ITEM, ADD_ITEM, DELETE_ITEM }*
>    2. On user login,  *UserEntitlement[] *fetch sent from backend to
>    client
>    3. Restricted UI elements are enabled based on the entitlements found
>    in (2)
>    4. When RPC's are done, Spring Method level security used to confirm
>    that the user has the proper entitlement to run that method
>
>
> Basically the nice part is just using the annotations to secure remote
> methods and the concomitant alteration of the UI based on the user
> entitlements.
>
> I did not mention using Spring to restrict access to files since GWT
> pushes the entire compiled application to the client first. Because of
> this, there really are not pages to protect, just RPC's with method level
> security, in case someone spoofs their entitlements on the client side.
>
>
> Sincerely,
> Joseph
>
> --
> You received this message because you are subscribed to the Google Groups
> "Google Web Toolkit" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/google-web-toolkit/-/PZHZgoV_A84J.
> To post to this group, send email to google-web-toolkit@googlegroups.com.
> To unsubscribe from this group, send email to
> google-web-toolkit+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/google-web-toolkit?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Google Web Toolkit" group.
To post to this group, send email to google-web-toolkit@googlegroups.com.
To unsubscribe from this group, send email to 
google-web-toolkit+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/google-web-toolkit?hl=en.

Reply via email to