Class SimplePageAuthorizationStrategy
java.lang.Object
org.apache.wicket.authorization.IAuthorizationStrategy.AllowAllAuthorizationStrategy
org.apache.wicket.authorization.strategies.page.AbstractPageAuthorizationStrategy
org.apache.wicket.authorization.strategies.page.SimplePageAuthorizationStrategy
- All Implemented Interfaces:
IAuthorizationStrategy
A very simple authorization strategy that takes a supertype (a base class or tagging interface)
and performs a simple authorization check by calling the abstract method isAuthorized() whenever
a Page class that extends or implements the supertype is about to be instantiated. If that method
returns true, page instantiation proceeds normally. If it returns false, the user is
automatically directed to the specified sign-in page for authentication, which will presumably
allow authorization to succeed once they have signed in.
In your Application.init() method do something like the following:
SimplePageAuthorizationStrategy authorizationStrategy = new SimplePageAuthorizationStrategy( MySecureWebPage.class, MySignInPage.class) { protected boolean isAuthorized() { // Authorize access based on user authentication in the session return (((MySession)Session.get()).isSignedIn()); } }; getSecuritySettings().setAuthorizationStrategy(authorizationStrategy);
- Author:
- Eelco Hillenius, Jonathan Locke
-
Nested Class Summary
Nested classes/interfaces inherited from interface org.apache.wicket.authorization.IAuthorizationStrategy
IAuthorizationStrategy.AllowAllAuthorizationStrategy
-
Field Summary
Fields inherited from interface org.apache.wicket.authorization.IAuthorizationStrategy
ALLOW_ALL
-
Constructor Summary
ConstructorDescriptionSimplePageAuthorizationStrategy
(Class<?> securePageSuperType, Class<S> signInPageClass) Construct. -
Method Summary
Modifier and TypeMethodDescriptionprotected abstract boolean
Gets whether the current user/session is authorized to instantiate a page class which extends or implements the supertype (base class or tagging interface) passed to the constructor.protected <T extends Page>
booleanisPageAuthorized
(Class<T> pageClass) Whether to page may be created.Methods inherited from class org.apache.wicket.authorization.strategies.page.AbstractPageAuthorizationStrategy
instanceOf, isInstantiationAuthorized
Methods inherited from class org.apache.wicket.authorization.IAuthorizationStrategy.AllowAllAuthorizationStrategy
isActionAuthorized, isResourceAuthorized
-
Constructor Details
-
SimplePageAuthorizationStrategy
Construct.- Type Parameters:
S
-- Parameters:
securePageSuperType
- The class or interface supertype that indicates that a given Page requires authorizationsignInPageClass
- The sign in page class
-
-
Method Details
-
isPageAuthorized
Description copied from class:AbstractPageAuthorizationStrategy
Whether to page may be created. Returns true by default.- Overrides:
isPageAuthorized
in classAbstractPageAuthorizationStrategy
- Type Parameters:
T
- the type of the page- Parameters:
pageClass
- The Page class- Returns:
- True if to page may be created
- See Also:
-
isAuthorized
Gets whether the current user/session is authorized to instantiate a page class which extends or implements the supertype (base class or tagging interface) passed to the constructor.- Returns:
- True if the instantiation should be allowed to proceed. False, if the user should be directed to the application's sign-in page.
-