Package org.apache.wicket.authorization.strategies.page

Class AbstractPageAuthorizationStrategy

java.lang.Object

org.apache.wicket.authorization.IAuthorizationStrategy.AllowAllAuthorizationStrategy

org.apache.wicket.authorization.strategies.page.AbstractPageAuthorizationStrategy

All Implemented Interfaces:

IAuthorizationStrategy

Direct Known Subclasses:

SimplePageAuthorizationStrategy

public abstract class AbstractPageAuthorizationStrategy
extends IAuthorizationStrategy.AllowAllAuthorizationStrategy

An abstract base class for implementing simple authorization of Pages. Users should override isPageAuthorized(Class), which gets called for Page classes when they are being constructed.

Author:

Jonathan Locke, Eelco Hillenius

Nested Class Summary

Nested classes/interfaces inherited from interface org.apache.wicket.authorization.IAuthorizationStrategy

IAuthorizationStrategy.AllowAllAuthorizationStrategy

Field Summary

Fields inherited from interface org.apache.wicket.authorization.IAuthorizationStrategy

ALLOW_ALL

Constructor Summary

Constructors

Constructor	Description
AbstractPageAuthorizationStrategy()

Method Summary

Modifier and Type	Method	Description
protected boolean	instanceOf(Class<?> type, Class<?> superType)	Works like instanceof operator where instanceOf(a, b) is the runtime equivalent of (a instanceof b).
final <T extends IRequestableComponent> boolean	isInstantiationAuthorized(Class<T> componentClass)	Checks whether an instance of the given component class may be created.
protected <T extends Page> boolean	isPageAuthorized(Class<T> pageClass)	Whether to page may be created.

Methods inherited from class org.apache.wicket.authorization.IAuthorizationStrategy.AllowAllAuthorizationStrategy

isActionAuthorized, isResourceAuthorized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

AbstractPageAuthorizationStrategy

public AbstractPageAuthorizationStrategy()

Method Details

isInstantiationAuthorized

public final <T extends IRequestableComponent>
boolean isInstantiationAuthorized(Class<T> componentClass)

Description copied from interface: IAuthorizationStrategy

Checks whether an instance of the given component class may be created. If this method returns false, the IUnauthorizedComponentInstantiationListener that is configured in the security settings will be called. The default implementation of that listener throws a UnauthorizedInstantiationException.

If you wish to implement a strategy that authenticates users which cannot access a given Page (or other Component), you can simply throw a RestartResponseAtInterceptPageException in your implementation of this method.

Specified by:

isInstantiationAuthorized in interface IAuthorizationStrategy

Overrides:

isInstantiationAuthorized in class IAuthorizationStrategy.AllowAllAuthorizationStrategy

Parameters:

componentClass - The component class to check

Returns:

Whether the given component may be created

See Also:

• IAuthorizationStrategy.isInstantiationAuthorized(java.lang.Class)

instanceOf

protected boolean instanceOf(Class<?> type,
 Class<?> superType)

Works like instanceof operator where instanceOf(a, b) is the runtime equivalent of (a instanceof b).

Parameters:

type - The type to check

superType - The interface or superclass that the type needs to implement or extend

Returns:

True if the type is an instance of the superType

isPageAuthorized

protected <T extends Page> boolean isPageAuthorized(Class<T> pageClass)

Whether to page may be created. Returns true by default.

Type Parameters:

T - the type of the page

Parameters:

pageClass - The Page class

Returns:

True if to page may be created