Working on my project I implemented the Command Pattern for asynchronous service calls. According to it I have one service interface receiving a Command implementation object containing the needed data for a certain functionality. Using the command objects I also pass the session id which is read from a cookie (see previous article). Now, following Java conventions to avoid redundant data I created a hierarchy of Command implementation classes where the top class is abstract and contains the session id property. Every other Command object extends this class and inherits the session id property.
Being proud of myself I started to test the application and was getting and authentication exception for every request sent to the server. WTF???
While debugging I saw that the session id property in the command objects I sent to the server was always null! After removing the abstract command class containing the property and moving the property to every non-abstract command implementation (I hate to create redundant code!) everything was working fine again - the session id arrived nicely to the server.
Obviously, GWT, while compiling java code placed in the client sub-package to JavaScript, doesn't convert class hierarchies properly. JavaScript objects created by GWT compiler don't inherit class properties in hierarchies implemented in the way I did it for my project. It's no problem, actually, but doesn't let us to create a beautiful java code with no redundancy.
Well, you obviously cannot have everything :)
Oct 23, 2009
Oct 22, 2009
GWT and Cookies
As for every application there is always a moment where we have to think about security and login implementation. So did I for my recent project.
After some research and experimental implementation of application security I ended up evaluating integration Spring Security with GWT and the standard implementation recommended by GWT developers themselves. I decided to go the GWT way - to implement the security using generated session id and cookies. While programming the login logic I faced a strange problem: com.google.gwt.user.client.Cookies.setCookie(...) just didn't work. No cookie was created in the file system.
Close to desperate after quite long researches I experienced kinda "enlightment" ;) - it might have to do with the way I redirected the request to my web server to the GWT application! I was using the standard JSP redirect tag (JSTL: <c:redirect url="path/to/my/page.html" />)!
One thing made me wonder, but not reacting in any way - the "jsessionid" parameter in the redirect request. As I found out, exactly this parameter prevented me to create and save a cookie containing the generated session id to the client's machine.
After I changed the redirect functionality to the standard HTML way (<meta http-equiv="REFRESH" content="0;url=path/to/my/page.html"/>) - it worked!
After some research and experimental implementation of application security I ended up evaluating integration Spring Security with GWT and the standard implementation recommended by GWT developers themselves. I decided to go the GWT way - to implement the security using generated session id and cookies. While programming the login logic I faced a strange problem: com.google.gwt.user.client.Cookies.setCookie(...) just didn't work. No cookie was created in the file system.
Close to desperate after quite long researches I experienced kinda "enlightment" ;) - it might have to do with the way I redirected the request to my web server to the GWT application! I was using the standard JSP redirect tag (JSTL: <c:redirect url="path/to/my/page.html" />)!
One thing made me wonder, but not reacting in any way - the "jsessionid" parameter in the redirect request. As I found out, exactly this parameter prevented me to create and save a cookie containing the generated session id to the client's machine.
After I changed the redirect functionality to the standard HTML way (<meta http-equiv="REFRESH" content="0;url=path/to/my/page.html"/>) - it worked!
Oct 5, 2009
Rent.co.uk was sold for $100000!
Congrats to the seller of Rent.co.uk! It was a really remarkable sale success! More details about the case here.
Now, there is another great domain name on Sedo.com - PremiumRent.co.uk. This would be a perfect purchase. The domain name can be developed as an additional site for premium real estate rentals/sales or as competition to the existing one. Also interesting for resellers. The name definitely has great potential!
Place your bid now!
Now, there is another great domain name on Sedo.com - PremiumRent.co.uk. This would be a perfect purchase. The domain name can be developed as an additional site for premium real estate rentals/sales or as competition to the existing one. Also interesting for resellers. The name definitely has great potential!
Place your bid now!
Subscribe to:
Posts (Atom)
