CODEWITHSUNDEEP
securityjsonspringrestgwt
Randomize
Randomize

Reputation: 9103

Integration Spring Security 3 with GWT 2.1 REST/JSON application

I need to use Spring Security 3 in my application which is composed by Spring 3 for the server side and GWT 2.1 for the client side.

Client side and server side are totally decoupled, I mean they don't belong to the same project in the eclipse workspace (server side is managed by maven and client side uses prebuilt ant files) and till now they "communicate" each other using Rest/Json.

Googling I found some tutorials and tips about integration with Spring Security but all of them suppose that "client side" knows spring-server-side classes, and so using @Controller @Autowired etc under the gwt.server package. In my case this is not possible (or not clean to do).

Is there a way to use Spring Security and keeping the code "decoupled"? Maybe for every (rest) client request I should use "basic authentication"?

Thanks, Rand

Upvotes: 3

Views: 2303

Answers (2)

imrabti
imrabti

Reputation: 285

I just completed writing an article on how to integrate GWT with Spring security without having the need to use any JSP or static page.

You can check this in here : http://crazygui.wordpress.com/2014/08/29/secure-rest-services-using-spring-security/ I also posted a working example on GitHub.

Upvotes: 0

Hilbrand Bouwkamp
Hilbrand Bouwkamp

Reputation: 13519

Here are some links I found and used when implementing GWT/Spring Security:

http://blahti.wordpress.com/2010/02/04/basics-of-gwt-authentication/

http://www.javacodegeeks.com/2010/12/securing-gwt-apps-with-spring-security.html

In summary simply see GWT as static html pages to be served and rest calls just requests for static pages. Only if you want specific information in the client, which comes from spring security, like username, you need to add something to the server side, but this in your case can also be done via a rest call.

Upvotes: 2

Related Questions