Announcement Announcement Module
Collapse
No announcement yet.
Secure GWT applications Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Secure GWT applications

    I try to secure my Google Web Toolkit Application with Spring Security 3.0.5. The problem is that the login form is not rendered correctly as you see in the screenshot Attachment .

    In my opinion the problem is that the application runs in an iframe. If I call a service of the application which does not run in an iframe the login form is displayed correctly and the login works well.

    So does anyone have an idea to solve this? I think the solution whould be to breakout of the iframe so that the login form is rendered on a new page.

    Update:

    My configuration so far:

    <?xml version="1.0" encoding="UTF-8"?>

    <beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schem...-beans-3.0.xsd
    http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">

    <beans:bean id="customAuthListener" class="com.nfl.economapp.security.CustomAuthListen er" />

    <http auto-config="true" >
    <intercept-url pattern="/**" access="ROLE_USER" />
    <intercept-url pattern="/gwt/**" access="ROLE_USER" />
    <intercept-url pattern="/_ah/**" filters="none" />
    <form-login />
    <logout />
    </http>

    <beans:bean id="customAuthenticationProvider" class="com.nfl.economapp.security.CustomAuthentica tionProvider" />

    <authentication-manager alias="authenticationManager">
    <authentication-provider ref="customAuthenticationProvider" />
    </authentication-manager>

    </beans:beans>
    Attached Files
    Last edited by rschaniel; Nov 26th, 2012, 05:00 PM.

  • #2
    The problem is most likely the RPC Call

    Comment

    Working...
    X