开发者

Gwt security widget level

开发者 https://www.devze.com 2023-04-12 20:54 出处:网络
I\'m probably asking a newbee question but i\'m wondering if there is a security issue to use roles to set the visibility of some field in a a Gwt panel (Smartgwt but doesn\'t change the problem).

I'm probably asking a newbee question but i'm wondering if there is a security issue to use roles to set the visibility of some field in a a Gwt panel (Smartgwt but doesn't change the problem). I have securitty checking server side on the main services restricted for some roles and besides I instaniate only the panels corresponding to the user granted access but in some case I need to reduce the data visible on some views for some roles. I开发者_运维百科f there is a security issue what will be the best workaround for such a request?


You cannot expect to hide data you send to a client with the user interface, since the user can always access the data via some other interface that you didn't create. Don't use GWT to reduce data visibility - always do that on the server. You only control the server, even if it seems like you control the client.

0

精彩评论

暂无评论...
验证码 换一张
取 消