Vaadin Security with Springboot

In my web application i have separate backend and frontend. I use JWT springboot security for my backend.
Now my question is :

  1. How can i handle it with my frontend ? How can i create JWT token with form and pass this along headers?
    2.How can i hide save ,delete buttons for general users?

Any expert who can help me out. I am very beginner.

Hi Kamrul,

I do something similar. In the click listener on the submit button on the login page I generate a JWT and add it as a cookie. (After I’ve checked the username and password of course :slight_smile: )

	String jwt = tokenProvider.generateToken(auth);
	HttpServletResponse response = (HttpServletResponse) VaadinResponse.getCurrent();
	Cookie cookie = new Cookie("ecm-jwt", jwt);
	response.addCookie(cookie);

As for hiding buttons, after the user has authenticated I load in the ‘user’ object form the DB, which has a set of permissions. Then when building the GUI up I check the user object for permission. e.g.

Button save = new Button(…);
b.setReadOnly(!user.canSave());

Hope that makes sense.

Stuart.

Stuart Robinson:
Hi Kamrul,

I do something similar. In the click listener on the submit button on the login page I generate a JWT and add it as a cookie. (After I’ve checked the username and password of course :slight_smile: )

	String jwt = tokenProvider.generateToken(auth);
	HttpServletResponse response = (HttpServletResponse) VaadinResponse.getCurrent();
	Cookie cookie = new Cookie("ecm-jwt", jwt);
	response.addCookie(cookie);

As for hiding buttons, after the user has authenticated I load in the ‘user’ object form the DB, which has a set of permissions. Then when building the GUI up I check the user object for permission. e.g.

Button save = new Button(…);
b.setReadOnly(!user.canSave());

Hope that makes sense.

Stuart.

can you provide me a demo? It will help me a lot