org.apache.wicket.authorization.strategies.action
Class ActionAuthorizationStrategy
java.lang.Object
org.apache.wicket.authorization.strategies.action.ActionAuthorizationStrategy
- All Implemented Interfaces:
- IAuthorizationStrategy
public class ActionAuthorizationStrategy
- extends Object
- implements IAuthorizationStrategy
An authorization strategy which allows the use of a command pattern for users that want to
authorize a variety of different types of actions throughout an application.
- Since:
- Wicket 1.2
- Author:
- Jonathan Locke
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
ActionAuthorizationStrategy
public ActionAuthorizationStrategy()
addActionAuthorizer
public void addActionAuthorizer(IActionAuthorizer authorizer)
- Adds an action authorizer.
- Parameters:
authorizer
- The action authorizer to add
isInstantiationAuthorized
public <T extends IRequestableComponent> boolean isInstantiationAuthorized(Class<T> componentClass)
- Description copied from interface:
IAuthorizationStrategy
- Checks whether an instance of the given component class may be created. If this method
returns false, the
IUnauthorizedComponentInstantiationListener
that is configured in
the security settings
will be called. The default implementation of
that listener throws a UnauthorizedInstantiationException
.
If you wish to implement a strategy that authenticates users which cannot access a given Page
(or other Component), you can simply throw a
RestartResponseAtInterceptPageException
in your implementation of
this method.
- Specified by:
isInstantiationAuthorized
in interface IAuthorizationStrategy
- Parameters:
componentClass
- The component class to check
- Returns:
- Whether the given component may be created
- See Also:
IAuthorizationStrategy.isInstantiationAuthorized(java.lang.Class)
isActionAuthorized
public boolean isActionAuthorized(Component component,
Action action)
- Description copied from interface:
IAuthorizationStrategy
- Gets whether the given action is permitted. If it is, this method should return true. If it
isn't, this method should either return false or - in case of a serious breach - throw a
security exception. Returning is generally preferable over throwing an exception as that
doesn't break the normal flow.
- Specified by:
isActionAuthorized
in interface IAuthorizationStrategy
- Parameters:
component
- The component to be acted uponaction
- The action to authorize on the component
- Returns:
- Whether the given action may be taken on the given component
- See Also:
IAuthorizationStrategy.isActionAuthorized(org.apache.wicket.Component,
org.apache.wicket.authorization.Action)
Copyright © 2006-2012 Apache Software Foundation. All Rights Reserved.