Protecting Routes

I would like to know if there is a way to provide protection to Routes,
instead of using Spring Security’s Authorized Requests?

Not sure if this what you’re looking for, but if you add the interface BeforeEnterObserver to the view you can then override beforeEnter() and if necessary redirect somewhere else:

public class MyView implements BeforeEnterObserver {

   @Override
   public void beforeEnter(BeforeEnterEvent event) {
      if (noAccess()) {
         event.rerouteToError(NoAccessView.class);
      }
   }

}

Martin,
I already tried some options from the Navigation Lifecycle,
it works but I would have to verify in all @Routes or create a abstract class to inherit from it,
and it became a mess. That’s why I created this post, to know if there is a better way to control all of this.

Right now I am going to the Spring Security solution, but it would be great if we could have a “interceptor” for this matter.

Hi João,

All you need to do is to define the beforeEnter in a layout view. The layout view acts as a “parent” of your view, but you’re not inheriting from a java perspective.

Example:

@Route(value = "myview", layout = MainView.class)
@PageTitle("My View")
public class MyView extends PolymerTemplate<TemplateModel> {
}

In this example, MyView wil “inherit” layout settings from MainView as well as beforeEnter code. So if you define your beforeEnter code in MainView.java, it will be invoked by any views that uses MainView as the layout.