Conditional interface with GWT and Spring Security?

Question

Conditional interface with GWT and Spring Security?

What are the best practices for creating a conditional user interface using GWT and Spring Security based on user roles / permissions?

I know that you cannot rely on client-side security. I will have server side security checks. The conditional user interface is valid for appearance only.

+4

java spring spring-security gwt gwt2

Thedbomb Jul 13 '12 at 19:44

source share

2 answers

We use GWT.runAsync to separate pieces of code that users might not need to see. When it's time to load the user interface, we just check what they need and then display it.

We distracted most of the necessary business logic in the settings that we load for each user, for example, "showTeacherControls" and "showAdvisorControls" and "showStudentControls". The client can then simply check these flags to figure out what to display.

+1

Iley lark Jul 14 '12 at 13:55

source share

user1207177 · Accepted Answer · 2014-06-02T16:57:09+0000

You will need a service to get a list of user roles from the server (which they have) to the client (which is not the case). In the onSuccess callback method, you will have code similar to the following:

if (roles.contains("role1")) { GWT.runAsync(new RunAsyncCallback() { public void onFailure(Throwable caught) { Window.alert("Code download failed"); } public void onSuccess() { // code here if the user has role1 } }); } if (roles.contains("role2")) { GWT.runAsync(new RunAsyncCallback() { public void onFailure(Throwable caught) { Window.alert("Code download failed"); } public void onSuccess() { // code here if the user has role2 } }); } // and so on

Conditional interface with GWT and Spring Security?

More articles: