Open Hub
Open Hub

 Settings |  Report Duplicate

21
I Use This!
Activity Not Available

News

What's new in Errai 3? Part 2: Role-Based Access Control and PicketLink Integration
Posted almost 11 years ago by [email protected] (Max Barkley)
This is the second post in a series describing new features in Errai 3.0. This article is about Errai Security, which provides role-based access control with optional PicketLink integration.Errai Security provides a declarative way of securing pages ... [More] , UI elements, and remote services. Below we'll show how it is used, and how you can use it with PicketLink or another server-side security framework of your choice.@RestrictedAccessRole-based access control in Errai Security is focused around the @RestrictedAccess annotation. Whether you're securing a @Page, @Remote interface or UI element, you simply annotate the secured resource with @RestrictedAccess.The annotation takes an optional array of role names (Strings). For a user to be able to access a resource, they must have all of these roles; if they do not have all of the required roles, we say that the user is unauthorized. @RestrictedAccess without roles blocks access to those not logged-in; if a user is denied access because they are not logged-in, we say that they are unauthenticated.Restricting @PageHere is an Errai Navigation @Page that restricts access to users lacking the admin role:When a user is denied access to this page, one of two things will happen: They will be redirected to the application's login page if unauthenticated. They will be redirected to the application's security error page if unauthorized. You can define any Errai Navigation page as login page or security error page with the @Page annotation role attribute. For example, here is a class that functions as both a login and security error page: Restricting @DataFieldsIn @Templated widgets, Errai Security can be used to apply CSS styles to template-bound fields (for example for hiding UI elements from unauthorized users).When a user lacks permissions for one of the @DataFields above, the element in the template will have the CSS class, errai-restricted-access-style, applied. The CSS definitions ensure that the admin anchor will not be displayed to unauthorized users while the logout anchor will only be seen by unauthenticated users.Restricting Remote ServicesErrai Security can be used to secure Errai Bus RPCs, JAX-RS Endpoints, and Errai Messaging Services. When access to a service is denied, a UnauthenticatedException or UnauthorizedException is thrown on the server, which can be handled on the client with an ErrorCallback.The default error handling provides behaviour similar to @RestrictedAccess on @Pages: unauthorized access causes navigation to the security error page and unauthenticated access causes navigation to the login page.Errai Bus RPCErrai JAX-RS EndpointAuthentication and Server-Side IntegrationThe single point of contact between Errai Security and your preferred server-side security framework is the AuthenticationService. This interface is used to log in and out, and obtain an instance of the current User. The AuthenticationService is an @Remote interface, so you can use Errai RPC to call it from the client. errai-security-picketlink.jar provides a default AuthenticationService implementation using PicketLink. Using this implementation requires no configuration: just have the jar on your classpath and you're good to go.Here is a login page that uses an AuthenticationService caller for logging in.Using a Custom AuthenticationServiceIntegrating Errai Security with a different security back-end is as simple as implementing the AuthenticationService, and making your implementation a valid CDI bean. You can even implement your own User and Role types: for example, the Errai JPA Demo AuthenticationService uses a custom User implementation that is a JPA entity.See It In ActionIf you'd like to see Errai Security in action, you should checkout the Errai Security Demo. If you have any feedback, we'd love to hear it! [Less]
What's new in Errai 3? Part 2: Role-Based Access Control and PicketLink Integration
Posted almost 11 years ago by [email protected] (mbarkley)
This is the second post in a series describing new features in Errai 3.0. This article is about Errai Security, which provides role-based access control with optional PicketLink integration.Errai Security provides a declarative way of securing pages ... [More] , UI elements, and remote services. Below we'll show how it is used, and how you can use it with PicketLink or another server-side security framework of your choice.@RestrictedAccessRole-based access control in Errai Security is focused around the @RestrictedAccess annotation. Whether you're securing a @Page, @Remote interface or UI element, you simply annotate the secured resource with @RestrictedAccess.The annotation takes an optional array of role names (Strings). For a user to be able to access a resource, they must have all of these roles; if they do not have all of the required roles, we say that the user is unauthorized. @RestrictedAccess without roles blocks access to those not logged-in; if a user is denied access because they are not logged-in, we say that they are unauthenticated.Restricting @PageHere is an Errai Navigation @Page that restricts access to users lacking the admin role:When a user is denied access to this page, one of two things will happen:They will be redirected to the application's login page if unauthenticated.They will be redirected to the application's security error page if unauthorized.You can define any Errai Navigation page as login page or security error page with the @Page annotation role attribute. For example, here is a class that functions as both a login and security error page:Restricting @DataFieldsIn @Templated widgets, Errai Security can be used to apply CSS styles to template-bound fields (for example for hiding UI elements from unauthorized users).When a user lacks permissions for one of the @DataFields above, the element in the template will have the CSS class, errai-restricted-access-style, applied. The CSS definitions ensure that the admin anchor will not be displayed to unauthorized users while the logout anchor will only be seen by unauthenticated users.Restricting Remote ServicesErrai Security can be used to secure Errai Bus RPCs, JAX-RS Endpoints, and Errai Messaging Services. When access to a service is denied, a UnauthenticatedException or UnauthorizedException is thrown on the server, which can be handled on the client with an ErrorCallback.The default error handling provides behaviour similar to @RestrictedAccess on @Pages: unauthorized access causes navigation to the security error page and unauthenticated access causes navigation to the login page.Errai Bus RPCErrai JAX-RS EndpointAuthentication and Server-Side IntegrationThe single point of contact between Errai Security and your preferred server-side security framework is the AuthenticationService. This interface is used to log in and out, and obtain an instance of the current User. The AuthenticationService is an @Remote interface, so you can use Errai RPC to call it from the client. errai-security-picketlink.jar provides a default AuthenticationService implementation using PicketLink. Using this implementation requires no configuration: just have the jar on your classpath and you're good to go.Here is a login page that uses an AuthenticationService caller for logging in.Using a Custom AuthenticationServiceIntegrating Errai Security with a different security back-end is as simple as implementing the AuthenticationService, and making your implementation a valid CDI bean. You can even implement your own User and Role types: for example, the Errai JPA Demo AuthenticationService uses a custom User implementation that is a JPA entity.See It In ActionIf you'd like to see Errai Security in action, you should checkout the Errai Security Demo. If you have any feedback, we'd love to hear it! [Less]
What's new in Errai 3? Part 1: RPC Enhancements
Posted almost 11 years ago by [email protected] (Christian Sadilek)
This is the first post in a series describing new features in Errai 3 that we haven't blogged about so far. We have recently published the first release candidate and plan to release 3.0.0.Final by the end of the month.Today's focus is on ... [More] enhancements made to Errai's RPC mechanism. You can find all details in our reference guide.Global Exception HandlersIn your application you will likely find many remote procedure calls that potentially throw the same type of exception, usually related to some cross-cutting concern (i.e. authorization/authentication). Errai's new global exception handling feature supports handling these exceptions in a centralized way. It relieves you from having to provide error callbacks at each RPC invocation. Methods annotated with @UncaughtException are called when an exception occurs during a remote call that is not handled by an error callback. This feature is also used internally by Errai's new security module that we'll describe in detail in a future post. Asynchronous handling of RPCs on the serverSometimes computing the result of an RPC call can take a significant amount of time (i.e. because a slow database query needs to be executed or a third party service needs to be contacted). It then might be preferable to release the request-processing thread so it can perform other work and provide the RPC result from a different execution context farther in the future. Errai provides a special return type for this named CallableFuture which indicates to the RPC system that the result of the RPC will be provided asynchronously (after the remote method call has returned). Here’s an example returning a future result of type String: Enhancements to client-side remote call interceptorsIn Errai 3, the new annotation @InterceptsRemoteCall can be used to define the interceptor target directly on the actual interceptor. This is useful in case you can't or don't want to annotate the remote interface with @InterceptedCall. Client-side interceptors can now also be IOC managed beans, which means you can now simply @Inject dependencies into it. Thanks to Eric Wittman for implementing these features! Stay tuned for more new features in Errai 3 and as always, feedback is welcome and appreciated! [Less]
What's new in Errai 3? Part 1: RPC Enhancements
Posted almost 11 years ago by [email protected] (Christian Sadilek)
This is the first post in a series describing new features in Errai 3 that we haven't blogged about so far. We have recently published the first release candidate and plan to release 3.0.0.Final by the end of the month.Today's focus is on ... [More] enhancements made to Errai's RPC mechanism. You can find all details in our reference guide.Global Exception HandlersIn your application you will likely find many remote procedure calls that potentially throw the same type of exception, usually related to some cross-cutting concern (i.e. authorization/authentication). Errai's new global exception handling feature supports handling these exceptions in a centralized way. It relieves you from having to provide error callbacks at each RPC invocation. Methods annotated with @UncaughtException are called when an exception occurs during a remote call that is not handled by an error callback. This feature is also used internally by Errai's new security module that we'll describe in detail in a future post. Asynchronous handling of RPCs on the serverSometimes computing the result of an RPC call can take a significant amount of time (i.e. because a slow database query needs to be executed or a third party service needs to be contacted). It then might be preferable to release the request-processing thread so it can perform other work and provide the RPC result from a different execution context farther in the future. Errai provides a special return type for this named CallableFuture which indicates to the RPC system that the result of the RPC will be provided asynchronously (after the remote method call has returned). Here’s an example returning a future result of type String: Enhancements to client-side remote call interceptorsIn Errai 3, the new annotation @InterceptsRemoteCall can be used to define the interceptor target directly on the actual interceptor. This is useful in case you can't or don't want to annotate the remote interface with @InterceptedCall. Client-side interceptors can now also be IOC managed beans, which means you can now simply @Inject dependencies into it. Thanks to Eric Wittman for implementing these features! Stay tuned for more new features in Errai 3 and as always, feedback is welcome and appreciated! [Less]
Errai 3.0.0.CR1 released!
Posted almost 11 years ago by [email protected] (Christian Sadilek)
The Errai team is proud to announce the availability of Errai 3.0.0.CR1. We have finished our series of milestone releases, completed and hardened all planned features and are now getting ready for the 3.0.0.Final release (planned for the end of ... [More] May).Errai 3.0.0.CR1 contains stable versions of the new Errai Security and Errai Mobile modules. Relative to the last milestone release, this release also brings improved code splitting support in Errai IOC, development mode performance improvements and an improved Errai Forge Addon.Check out the release notes for a full list of fixes and improvements and watch this space for more details as we're moving towards 3.0.0.Final. Please upgrade your projects and help us test and harden Errai 3.Our project roadmap can be found here. We're always looking for feedback!Please join us on Freenode #errai, the errai-dev mailing list, or on our community forums.Happy coding! [Less]
Errai 3.0.0.CR1 released!
Posted almost 11 years ago by [email protected] (Christian Sadilek)
The Errai team is proud to announce the availability of Errai 3.0.0.CR1. We have finished our series of milestone releases, completed and hardened all planned features and are now getting ready for the 3.0.0.Final release (planned for the end of ... [More] May).Errai 3.0.0.CR1 contains stable versions of the new Errai Security and Errai Mobile modules. Relative to the last milestone release, this release also brings improved code splitting support in Errai IOC, development mode performance improvements and an improved Errai Forge Addon.Check out the release notes for a full list of fixes and improvements and watch this space for more details as we're moving towards 3.0.0.Final. Please upgrade your projects and help us test and harden Errai 3.Our project roadmap can be found here. We're always looking for feedback!Please join us on Freenode #errai, the errai-dev mailing list, or on our community forums.Happy coding! [Less]
Have you taken Errai Data Sync for a spin yet?
Posted almost 11 years ago by [email protected] (Christian Sadilek)
Last June we released the first version of the Errai Data Sync module. It complements Errai JPA and provides functionality to automatically keep your local entities (persisted in local storage) in sync with the server. See the original blog post for ... [More] details. We have just added a new declarative, annotation-driven API that will make using Errai Data Sync even easier. Here's a short example: When a user navigates to this page, either by browsing to #GroceryListView;activeUserId=1 or by transitioning from another page, a data sync worker will start to periodically synchronize the entities that match the query specified in the parameter to @Sync. This query parameter refers to a named query defined on an entity type: in this case GroceryList. The @SyncParams refer to fields of the enclosing managed bean to use them as query parameter values. In the example above we make use of the activeUserId field to only synchronize the grocery list of the currently active user. The onDataSyncComplete method is invoked every time a synchronization cycle completes. It can be used to update the UI with the new data or to resolve conflicts. By default, conflicts are resolved in a favour of the server but you can change this behaviour (see the documentation for details). We encourage you to try out Errai DataSync and are eager to get your feedback! What additional functionality would you like to see? Do you like the API or have changes to propose? Please join us on Freenode #errai, the errai-dev mailing list, or on our community forums. [Less]
Have you taken Errai Data Sync for a spin yet?
Posted almost 11 years ago by [email protected] (Christian Sadilek)
Last June we released the first version of the Errai Data Sync module. It complements Errai JPA and provides functionality to automatically keep your local entities (persisted in local storage) in sync with the server. See the original blog post for ... [More] details. We have just added a new declarative, annotation-driven API that will make using Errai Data Sync even easier. Here's a short example: When a user navigates to this page, either by browsing to #GroceryListView;activeUserId=1 or by transitioning from another page, a data sync worker will start to periodically synchronize the entities that match the query specified in the parameter to @Sync. This query parameter refers to a named query defined on an entity type: in this case GroceryList. The @SyncParams refer to fields of the enclosing managed bean to use them as query parameter values. In the example above we make use of the activeUserId field to only synchronize the grocery list of the currently active user. The onDataSyncComplete method is invoked every time a synchronization cycle completes. It can be used to update the UI with the new data or to resolve conflicts. By default, conflicts are resolved in a favour of the server but you can change this behaviour (see the documentation for details). We encourage you to try out Errai DataSync and are eager to get your feedback! What additional functionality would you like to see? Do you like the API or have changes to propose? Please join us on Freenode #errai, the errai-dev mailing list, or on our community forums. [Less]
Errai Forge Addon Release
Posted about 11 years ago by [email protected] (mbarkley)
Many of you may have followed the recent release of Forge 2.0.0.Final. With this new release there is an accompanying Eclipse plugin so that you can now use Forge and its addons from the comfort of your IDE.And with that preface, we at Errai are ... [More] happy to announce the first release of the Errai Forge Addon. With Forge 2.0 and the Errai Addon, it's now easier than ever to create a new Errai project in Eclipse. You can find instructions on how to use Forge 2.0 and the Errai Addon here.Here is a quick overview of its features:Perform a basic setup for an Errai project, including configuring maven plugins for running development mode with JBoss AS 7 and Wildfly 8 and configuring production compilation.Add Errai to an existing GWT project.Add or remove dependencies and configurations for Errai features to a Maven/Eclipse project, including:Errai MessagingErrai IOCErrai CDIErrai UIErrai NavigationErrai DatabindingErrai JaxrsErrai JPAErrai DatasyncErrai CordovaNote that the plugin will be compatible with our upcoming milestone 4 release. Until then you can try it out with Errai 3.0-SNAPSHOT. [Less]
Errai Forge Addon Release
Posted about 11 years ago by [email protected] (Max Barkley)
Many of you may have followed the recent release of Forge 2.0.0.Final. With this new release there is an accompanying Eclipse plugin so that you can now use Forge and its addons from the comfort of your IDE.And with that preface, we at Errai are ... [More] happy to announce the first release of the Errai Forge Addon. With Forge 2.0 and the Errai Addon, it's now easier than ever to create a new Errai project in Eclipse. You can find instructions on how to use Forge 2.0 and the Errai Addon here.Here is a quick overview of its features: Perform a basic setup for an Errai project, including configuring maven plugins for running development mode with JBoss AS 7 and Wildfly 8 and configuring production compilation. Add Errai to an existing GWT project. Add or remove dependencies and configurations for Errai features to a Maven/Eclipse project, including: Errai Messaging Errai IOC Errai CDI Errai UI Errai Navigation Errai Databinding Errai Jaxrs Errai JPA Errai Datasync Errai Cordova Note that the plugin will be compatible with our upcoming milestone 4 release. Until then you can try it out with Errai 3.0-SNAPSHOT. [Less]