It is possible to define single point of request handling with special kind of handler with Guice support, like below:
@Singleton
public class GuiceRemoteServiceServlet extends RemoteServiceServlet {
@Inject
private Injector injector;
@Override
public String processCall(String payload) throws SerializationException {
RPCRequest req = RPC.decodeRequest(payload, null, this);
RemoteService service = getServiceInstance(
req.getMethod().getDeclaringClass());
return RPC.invokeAndEncodeResponse(service, req.getMethod(),
req.getParameters(), req.getSerializationPolicy());
}
@SuppressWarnings({"unchecked"})
private RemoteService getServiceInstance(Class serviceClass) {
return (RemoteService) injector.getInstance(serviceClass);
}
}
basically, this is ideal place to do some security-related stuff, like checking if user is authenticated. I need to ensure that the user is authenticated on any request to the server. So in general I will add method validateUser, which will return true/false or throw an exception. This method will be invoked within processCall in the code above.
Now the question is – how do I handle this authentication response on client side? I want to put it into single place, and be sure that any service will has this user validation enabled by default. Any new service must be “secured” without adding any security-related code. So no copy/paste of this code in “onFailure” methods or something like that.
Any thoughts?
If you are using basic RPC mechanism (not gwtp for example), you can create an abstract AsyncCallback and implement the onFailure method to process your global server failures. For other exceptions, you can then delegate to an other method that the caller can implement.
Each time you call the server, just use this new callback instead of the AsyncCallback. It’s also a good thing to do since you don’t have to implement onFailure method each time now.
RequestFactory uses this, the Receiver is abstract so when you create one, you just have to define the onSuccess method.