views:

90

answers:

1

Hi everybody,

I deployed recently a Roo/Gwt project on Google App Engine.

I spent a couple of hours but couldn't find a tutorial that shows, step by step, how can we add n authentification system (withe the Federated Login Api).

I found this very good article that provides some helpful code :

import java.io.IOException;
import java.io.PrintWriter;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.google.appengine.api.users.User;
import com.google.appengine.api.users.UserService;
import com.google.appengine.api.users.UserServiceFactory;

@SuppressWarnings("serial")
public class OpenIdDemoServlet extends HttpServlet {

    private static final Map<String, String> openIdProviders;
    static {
        openIdProviders = new HashMap<String, String>();
        openIdProviders.put("Google", "google.com/accounts/o8/id");
        openIdProviders.put("Yahoo", "yahoo.com");
        openIdProviders.put("MySpace", "myspace.com");
        openIdProviders.put("AOL", "aol.com");
        openIdProviders.put("MyOpenId.com", "myopenid.com");
    }

    @Override
    public void doGet(HttpServletRequest req, HttpServletResponse resp)
            throws IOException {
        UserService userService = UserServiceFactory.getUserService();
        User user = userService.getCurrentUser(); // or req.getUserPrincipal()
        Set<String> attributes = new HashSet();

        resp.setContentType("text/html");
        PrintWriter out = resp.getWriter();

        if (user != null) {
            out.println("Hello <i>" + user.getNickname() + "</i>!");
            out.println("[<a href=\""
                    + userService.createLogoutURL(req.getRequestURI())
                    + "\">sign out</a>]");
        } else {
            out.println("Hello world! Sign in at: ");
            for (String providerName : openIdProviders.keySet()) {
                String providerUrl = openIdProviders.get(providerName);
                String loginUrl = userService.createLoginURL(req
                        .getRequestURI(), null, providerUrl, attributes);
                out.println("[<a href=\"" + loginUrl + "\">" + providerName + "</a>] ");
            }
        }
    }
}

How can I setup this authentification module? Where should I put this code because there is no "main.java" file?

Thank you very much,

Regards

A: 

This is in progress to be implemented for GWT 2.1/Roo 1.1.0. See this for more details https://jira.springsource.org/browse/ROO-1003

If you can't wait, check the Spring Security in Google App Engine article, at http://blog.springsource.com/2010/08/02/spring-security-in-google-app-engine/ That approach is not supported by Roo though (so once you change the generated code, it will be harder, but still possible, to continue using Roo)

Marius Andreiana
So, there is no way to secure a deployed Roo/Gwt app?
Zakaria