roikkuf / gwtsecurity Goto Github PK
View Code? Open in Web Editor NEWAutomatically exported from code.google.com/p/gwtsecurity
Automatically exported from code.google.com/p/gwtsecurity
It would be nice to have gwtsecurity be able to resend the original rpc payload
after successful login.
This way no data would be lost after a session timeout.
Is this possible?
Original issue reported on code.google.com by [email protected]
on 4 May 2011 at 8:53
GWTSessionAuthenticationException cannot be de-serialized because it doesn't
nave a default constructor. Please see attached patch.
Original issue reported on code.google.com by [email protected]
on 7 May 2011 at 7:45
Attachments:
While working with gwtsecurity it appears that sessions don't get created when
allowSessionCreation = true in the doFilter method.
I have attached patch that seems to fix this issue.
Thanks!
Original issue reported on code.google.com by [email protected]
on 15 Apr 2011 at 9:29
Attachments:
version gwtsecurity-core-1.2.2
All loginable services swallow Server-side exceptions and there is no way to
workaround.
Loginable services don't call onFailure method of AsyncCallback on Exception
thrown by the remote service.
Original issue reported on code.google.com by [email protected]
on 25 Apr 2013 at 1:49
What steps will reproduce the problem?
1. Modify password of users admin and staff as follows:
<user-service>
<user name="admin" password="admin" authorities="ROLE_ADMIN, ROLE_STAFF"/>
<user name="staff" password="staff" authorities="ROLE_STAFF"/>
</user-service>
2. Run gssDemo2
3. Click on the 'Send' button next to 'whisperServer secured method(for
ROLE_ADMIN)'
4. Login Box appears.
5. Enter Account=admin and Password=admin and click on Submit button.
6. Login fails and 'Error prone:Bad creden...' error is displayed in the login
box.
What is the expected output? What do you see instead?
Expected Output: Login should be successful and Login box should disappear
Observed Output: Login fails and 'Error prone:Bad creden...' error is displayed
in the login box.
What version of the product are you using? On what operating system?
Product Version: built from trunk using maven
Operating System: Ubuntu 10.10
Web Browser: Firefox and Chrome
Please provide any additional information below.
I monitered the requests sent by the browser using firebug and found that when
admin/admin (username/password) is sent from login box the request's data is:
7|0|6|http://127.0.0.1:8888/demo2/|15EA1962E9203BB676A17298A13ABB0E|com.gwt.ss.c
lient.GwtLogin|j_gwt_security_check|java.lang.String/2004016611|admin|1|2|3|4|2|
5|5|6|6|
but when admin/user is sent from login box the request's data is:
7|0|7|http://127.0.0.1:8888/demo2/|15EA1962E9203BB676A17298A13ABB0E|com.gwt.ss.c
lient.GwtLogin|j_gwt_security_check|java.lang.String/2004016611|admin|user|1|2|3
|4|2|5|5|6|7|
It seems like GWT compressed the data and used used only one string literal for
repeated parameters and used two references to it (see |6|6| at end of first
request and |6|7| at the end of other)
Original issue reported on code.google.com by [email protected]
on 18 Mar 2011 at 2:01
With the release to the maven central repository we need to update the "Project
Home" page on the google code site.
The JavaDoc link is now broken. It needs to be updated to:
http://gwtsecurity.googlecode.com/svn/javadoc/latest/index.html
We also need to change the dependency under the "Maven User" to be:
<dependency>
<groupId>com.google.code</groupId>
<artifactId>gwtsecurity</artifactId>
<version>1.1.0</version>
</dependency>
Original issue reported on code.google.com by [email protected]
on 15 Jun 2011 at 9:56
What steps will reproduce the problem?
1. Login to an application
2. Wait for session timeout
3. Do any action that requires authentication
What is the expected output? What do you see instead?
The error message of the exception should be something like "Invalid session"
or "Session expired because of timeout".
Right now it is "Session has invalid." - which is kind of meaningless.
What version of the product are you using? On what operating system?
1.2.0rc1, trunk
Original issue reported on code.google.com by [email protected]
on 31 Dec 2012 at 12:08
What steps will reproduce the problem?
1. Run any of the demo apps
2. Launch Firebug
3. Login
4. See that UID & Pwd are in plain text
What is the expected output? What do you see instead?
UID & Pwd would be encrypted
What version of the product are you using? On what operating system?
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 5 Sep 2012 at 3:54
After upgrading to gwtsecurity-core:1.2.0 loginable services don't call
HasLoginHandler.startLogin(throwable) method at all
Indeed I've check the history of changes and found that
com.gwt.ss.rebind.LoginableGenerator.java doesn't generate any line of code
which would call "startLogin()" method.
I don't understand how your demos are working at all.
Original issue reported on code.google.com by [email protected]
on 18 Apr 2013 at 10:52
I have been working on session concurrency and it looks like the
GWTSessionManagement class never calls sessionStrategy.onAuthentication().
My code seems to always return true at the getSecurityContextRepository call.
I am not very familiar with aspectj but the SessionManagementFilter processes
the filter chain first then checks the securityContextRepository for the
context and it appears that the GWTSessionManagement class checks the
securityContextRepository first then processes the chain.
It may be that the context is not getting released prior to the check.
Original issue reported on code.google.com by [email protected]
on 6 May 2011 at 8:44
What do you think about having the project added to the Maven Central
Repository? I have had some experience in this and could refactor the project
to make use of the Sonatype servers located at http://oss.sonatype.org.
Basically you deploy your project to the Sonatype servers and then they
synchronize with the Central Repo.
This would require us to change the pom to reflect the hosting location.
Something like this:
<groupId>com.google.code</groupId>
<artifactId>gwtsecurity</artifactId>
<version>1.1.0</version>
I would also probably recommend changing the package definitions to reflect the
changes to the groupId and artifactId.
What do you think?
Original issue reported on code.google.com by [email protected]
on 9 Jun 2011 at 7:12
I would recommend updating the pom.xml to gwtVersion 2.3.0. It doesn't look
like the 1.0.3 jar supports gwt 2.3.0. If I change the pom to:
<gwtVersion>2.3.0</gwtVersion>
everything works again.
Original issue reported on code.google.com by [email protected]
on 27 May 2011 at 5:26
I would recommend creating a users forum at google groups for this project.
Thanks!
Original issue reported on code.google.com by [email protected]
on 6 May 2011 at 8:39
I have created a patch that adds the following exceptions:
AccountExpiredException
AccountStatusException
CredentialsExpiredException
DisabledException
LockedException
UsernameNotFoundException
The patch moves the gwt exceptions into a separate package and refactors the
GwtResponseUtil.processGwtException method.
The refactoring of the processGwtException method allows for easy addition of
new exceptions that need to be added in the future by calling the
createGwtException method.
I tried to provide the Chinese translation for my comments (using Google
Translate) but they may not be correct.
Original issue reported on code.google.com by [email protected]
on 8 Jun 2011 at 6:14
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.