java - How to use Spring authorization in client side in GWT -

-

i have been trying implement role base authorization in client side code limit views specific users.

i'm trying use following code limit view

@preauthorize("hasrole('role_user')")     public void create(contact contact);

i'm trying add following code 

authentication = securitycontextholder.getcontext().getauthentication();     userdetails currentuserdetails = (userdetails) a.getprincipal();

and added following in module.gwt.xml file

<inherits name='org.springframework.security.core.authentication' /> <inherits name='org.springframework.security.core.context.securitycontextholder' /> <inherits name='org.springframework.security.core.userdetails.userdetails' />

but giving following error while compiling

[error] unable find 'org/springframework/security/core/authentication.gwt.xml' on classpath; typo, or maybe forgot include classpath entry source? [java][error] line 22: unexpected exception while processing element 'inherits'

please suggest me i'm going wrong , can make work.

the short answer is: it's not possible.

on client side, a specific subset of java emulated, , libraries use have made work gwt (including having own .gwt.xml).

when try use spring classes on client side, gwt not know them , throw error, , if try import modules, corresponding .gwt.xml file (which doesn't exist because spring project not made work gwt).

so, can ?

  • protect rpc calls server side: event if user can load view, not able load datas.

  • protect .html page non authenticated users (you have create different page login). prevent access application users not logged. can have here other ideas including servlets/jsp.

  • make rpc call every time user request view check if authenticated/if have rights. idea cache information client-side avoid slowing down application (don't forget clean cache when user log-out).


Comments

Post a Comment

Popular posts from this blog

c# - How to get the current UAC mode -

-
can check current uac type set in device before running application through c#. i got know approach check whether current user administrator or not. but, need know uac type set (i.e. default/never notify) internal logic. is possible? please help. this article self-elevation , checking level program runs in. due security reasons i'm afraid won't able retrieve uac level set. http://code.msdn.microsoft.com/windowsdesktop/csuacselfelevation-644673d3
Read more

postgresql - Lazarus + Postgres: incomplete startup packet -

-
i've been building lazarus pascal program using postgresql on back-end. used work fine following lines opening db. dbconn:= tpqconnection.create(nil); dbconn.hostname := 'localhost'; dbconn.databasename:= 'dbhrs'; dbconn.username:='mizk'; dbconn.password:='123'; dbconn.open; if dbconn.connected openhrsdb := true else openhrsdb := false; but moment change localhost server's ip (on lan), program stops. no errors or warnings. have no clue happening. here related details may narrow down problem. the program i'm running workstation on same lan server. both machines run ubuntu 12.04 desktop i can access postgres db on server using pgadmin iii, guess it's not firewall issue. i have allowed postgresql ufw , ufw disabled. strangely, when firewall disabled, can ssh server terminal using workstation. when it's enabled, can't my biggest concern right why pascal program not working when i...
Read more

javascript - Ajax jqXHR.status==0 fix error -

-
$.ajax({ url: urlstring, datatype: "json", type: "get", success: function (data) { alert(data); }, error: function (jqxhr, exception) { if (jqxhr.status === 0) { alert('not connect.\n verify network.'); } else if (jqxhr.status == 404) { alert('requested page not found. [404]'); } else if (jqxhr.status == 500) { alert('internal server error [500].'); } else if (exception === 'parsererror') { alert('requested json parse failed.'); } else if (exception === 'timeout') { alert('time out error.'); } else if (exception === 'abort') { alert('ajax request aborted.'); } else { alert('uncaught error.\n' + jqxhr.responsete...
Read more