how do I verify my GWT backend is protected by authentication

[Yan]

Hi there, 

GWT has frontend and backend, I am using Request Factory. 

When client makes a call to backend, it does HTTP post/get, how do I get the URL being used?  Because I want to verify that if I simply get/post this URL directly, I will get 401 or 403. This is for security reasons.

How can I find the server URL? Is there a naming convention?

Thanks,

Yan

[JoseM]

Look at what you setup in your web.xml, it's there.  Most likely something like /gwtRequest.

You can also just use something like FireBug or the Developer Tools in Chrome to see the requests that the Browser is making.

Note: if you really want to be secure I would suggest you use HTTPS.