org.apache.wicket.authorization.strategies.page
Class SimplePageAuthorizationStrategy
java.lang.Object
org.apache.wicket.authorization.strategies.page.AbstractPageAuthorizationStrategy
org.apache.wicket.authorization.strategies.page.SimplePageAuthorizationStrategy
- All Implemented Interfaces:
- IAuthorizationStrategy
public abstract class SimplePageAuthorizationStrategy
- extends AbstractPageAuthorizationStrategy
A very simple authorization strategy that takes a supertype (a base class or tagging interface)
and performs a simple authorization check by calling the abstract method isAuthorized() whenever
a Page class that extends or implements the supertype is about to be instantiated. If that method
returns true, page instantiation proceeds normally. If it returns false, the user is
automatically directed to the specified sign-in page for authentication, which will presumably
allow authorization to succeed once they have signed in.
In your Application.init() method do something like the following:
SimplePageAuthorizationStrategy authorizationStrategy = new SimplePageAuthorizationStrategy(
MySecureWebPage.class, MySignInPage.class)
{
protected boolean isAuthorized()
{
// Authorize access based on user authentication in the session
return (((MySession)Session.get()).isSignedIn());
}
};
getSecuritySettings().setAuthorizationStrategy(authorizationStrategy);
- Author:
- Eelco Hillenius, Jonathan Locke
Method Summary |
protected abstract boolean |
isAuthorized()
Gets whether the current user/session is authorized to instantiate a page class which extends
or implements the supertype (base class or tagging interface) passed to the constructor. |
protected
|
isPageAuthorized(Class<T> pageClass)
Whether to page may be created. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
SimplePageAuthorizationStrategy
public SimplePageAuthorizationStrategy(Class<?> securePageSuperType,
Class<S> signInPageClass)
- Construct.
- Type Parameters:
S
- - Parameters:
securePageSuperType
- The class or interface supertype that indicates that a given Page requires
authorizationsignInPageClass
- The sign in page class
isPageAuthorized
protected <T extends Page> boolean isPageAuthorized(Class<T> pageClass)
- Description copied from class:
AbstractPageAuthorizationStrategy
- Whether to page may be created. Returns true by default.
- Overrides:
isPageAuthorized
in class AbstractPageAuthorizationStrategy
- Type Parameters:
T
- the type of the page- Parameters:
pageClass
- The Page class
- Returns:
- True if to page may be created
- See Also:
AbstractPageAuthorizationStrategy.isPageAuthorized(java.lang.Class)
isAuthorized
protected abstract boolean isAuthorized()
- Gets whether the current user/session is authorized to instantiate a page class which extends
or implements the supertype (base class or tagging interface) passed to the constructor.
- Returns:
- True if the instantiation should be allowed to proceed. False, if the user should be
directed to the application's sign-in page.
Copyright © 2006–2016 Apache Software Foundation. All rights reserved.