tags:

views:

313

answers:

2
Q: 

GWT interface to Solr index

I have a solr index on a remote server and need to create a search page interface. I am using GWT to code the pages and XML-HTTP to query the index and receive the response. The problem is the same-site origin security policy. It won't let JavaScript retrieve the remote XML data. Is there a workaround for this, without using JSON preferably.

A: 

GWT has its very own issues :-)

gayel  2009-10-11 20:17:23
and that doesn't help much. i'll use JSON instead of xml
Chintan  2009-10-11 21:39:06
Sorry gayel, but such comments belong to the... comments section (see the 'add comment' link under the question?)And yes, GWT has it's issues... over 4100 actually (http://code.google.com/p/google-web-toolkit/issues/list ;)), most of them are resolved though, thankfully :)
Igor Klimer  2009-10-12 01:20:13
GWT is just Javascript so any limitation of JS is a limitation of GWT. As thus the remark is completely useless.
David Nouls  2009-10-12 07:46:17
:-) who cares about you and GWT? Only a bunch of fools would use GWT where it doesn't apply, i.e. for any kind of web applications.
gayel  2009-10-12 13:00:39
+1  A: 

A similar problem: http://stackoverflow.com/questions/1488740/make-gwt-interact-with-asp-net-web-service

The answers there should also apply here.

Depending on the type of data that you want to send (that is, how "public" they are), JSONP might not be the best option - it's not the safest method of transport (pure JSON is safer, but to overcome SOP you need the padding).

If you have a Java server on the.. server side, I'd go with GWT <-> servlet (acting as proxy, on the same domain as your main app) <-> web service (any domain) - the safest and cleanest code, afaict.

Igor Klimer  2009-10-12 01:16:25
Yes, that links sums it up quite well. The name trick is interesting and should work on multiple browser types. The proxy is the easiest solution.
David Nouls  2009-10-12 07:47:51
The `window.name` hack is also much safer than `JSONP` - the only voulnerability I know of is that the value of `window.name` persists, even if the user leaves the site (that's why this hack works, but that also means that sitexxx.com could try to read window.name in search of confidential/any data). However, using that custom `FormPanel` from Ray Cromwell fixes that - the `FormPanel` uses a dynamically created iframe, so after use it's discarded and thus afterward no one can read the value of `window.name` of that iframe.
Igor Klimer  2009-10-12 15:43:21
thanks igro. i'm implementing a java servlet on the server since i already have tomcat running.
Chintan  2009-10-12 20:28:53

related questions

Java Time Zone is messed up
Eclipse on win64
Automate builds for Java RCP for deployment with JNLP
Why are professors or schools picking Java over C++ to teach to students?
Is there a real benefit of using J#?
Public/Popular Websites using JavaServer Faces
Why can't I use a try block around my super() call?
Accessing post variables using Java Servlets
Personal Linux web server
Is this really widening vs autoboxing?
How can I Java webstart multiple, dependent, native libraries?
Why can't I call toString() on a Java primitive?
How do I use Java to read from a file that is actively being written?
What code analysis tools do you use for your Java projects?
IllegalArgumentException or NullPointerException for a null parameter?
How do I configure and communicate with a serial port?
What is the best way to parse strings in Java
Getting started with a custom JXTA PeerGroup
Creating a custom button in Java
How to get started "writing" a code coverage tool?
Which Build-/Configuration Management Tool?
What is the difference between an int and an Integer in Java/C#?
What is the meaning of the type safety warning in certain Java generics casts?
How would you access Object properties from within an object method?
Converting CSV File to XML in Java