SGWT Power 3.0p (2012-06-30)
GWT 2.2
FF 5.0
I have a third party which wants to connect to my SGWT REST service .
The data which the third party is passing is potentially complex, so I'm thinking we should use a JSON string in its HTTP request.
I recall seeing some docs about this being a security issue. Can you confirm best practice in this regard (with emphasis on SGWT )?
The intention is to parse through the third party request, validate , process, respond.
Is this use case relevant to the built it RestHandler servlet. I'm not sure as this servlet seems to require the JSON in a standard format to support the possible CRUD operations whilst what I want to accomplish is to validate,process and respond without necessarily writing to any datasources in order to achieve same.
My initial thoughts :
1. extend the HttpServlet
2. If including the JSON string as part of the request isn't a show stopper(based on your response) the we deserialize the string into its internal structure (using GSon APIs)
3. Perform business rules
4. Respond to client
Please point me to the appropriate docs OR suggest better approach.
GWT 2.2
FF 5.0
I have a third party which wants to connect to my SGWT REST service .
The data which the third party is passing is potentially complex, so I'm thinking we should use a JSON string in its HTTP request.
I recall seeing some docs about this being a security issue. Can you confirm best practice in this regard (with emphasis on SGWT )?
The intention is to parse through the third party request, validate , process, respond.
Is this use case relevant to the built it RestHandler servlet. I'm not sure as this servlet seems to require the JSON in a standard format to support the possible CRUD operations whilst what I want to accomplish is to validate,process and respond without necessarily writing to any datasources in order to achieve same.
My initial thoughts :
1. extend the HttpServlet
2. If including the JSON string as part of the request isn't a show stopper(based on your response) the we deserialize the string into its internal structure (using GSon APIs)
3. Perform business rules
4. Respond to client
Please point me to the appropriate docs OR suggest better approach.
Comment