No built in features, but you can hook to pretty much any java authorization framework. Both Vaadin CDI add-on (for java ee world) and vaadin4spring add-on have some helpers to implement role based access control. Check out
this example
, it uses shiro, Vaadin CDI and runs on Java EE 6 servers. It currently just checks roles in the code to enable editing of user database, but we plan to add examples of views that only appear for “admin” role. If I remember correctly it happens simply by adding @RolesAllowed(“admin”) annotation to the view class.