Reputation: 56924
Does GWT 2.5+ have an "Authentication Framework"?
Does the modern (2.5+) version of GWT have an "authentication framework"? That is, some kind of security framework built around session auth & management? I would need this framework to be responsible for securely setting cookies/session vars upon successful login, and clear them upon successful log out.
If not, what do GWT developers typically use for auth? Shiro? Would something like filter-based auth be appropriate or are there better frameworks? If so, what?
Upvotes: 0
Views: 182
Answers (1)
Reputation: 166
GWT once compiled is all javascript. You need something on the server-side checking your roles and authorizations. There are several options to implement security. One common paradigm is use Spring security on the server side, and onModuleLoad / EntryPoint class of your GWT application, make a call to the server-side proxy to check / authentication and authorization status. If you get valid response back, continue loading the app, otherwise navigate to the error / login page. Needless to say secure the rest of the proxies and any other services you are exposing, as well.
Upvotes: 1
Related Questions
- GWT RequestFactory-based authentication
- GWT-Platform login + session management
- GWT and Authentication
- GWT Login: how to implement it?
- GWT Authentication and user info access
- GWT Framework
- Java EE user authentication and GWT
- Is there any official GWT(2.4) Validation Framework?
- GWT authenticated user session
- Session management in GWT without using Java on the server?