UI security question

Assume some UI class holds sensitive data, for example user ID…will this data be available client-side so it can be faked? Is it a security issue? I’m using Vaadin 7.

Only component (or more accurately, field and container) values are sent to the client side. So, short answer, no it isn’t a security issue. It is perfectly safe to store whatever data as normal Class fields (they can even be public), Vaadin does not touch any of those in any way.