I'm currently developing a Spring/GWT application most things are
going just fine but I've experienced some troubles integrating with
Spring Security. It looks like there is no way to install "global"
handlers for asyncCallback failures to handle 401/403 errors. As I've
found there's currently two ways of integrating:
1. Check for error code in every onFailure handler of my
asyncCallbacks. Looks pretty ugly to me, the only way to "fix" is to
abstract asyncCallback and implement onSecondFailure as a method that
will be called from onFailure
2. Upcoming RequestFactory that is not yet stable as I understood
(still in developement)
So, the question: is there any "best practice" to enable security in
GWT apps? I believe it needs to be XSRF-proof, handle session-timeout,
401/403 status codes from service calls.
--
You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group.
To post to this group, send email to google-web-toolkit@googlegroups.com.
To unsubscribe from this group, send email to google-web-toolkit+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
No comments:
Post a Comment