Class SecuritySettings


  • public class SecuritySettings
    extends Object
    Class for security related settings
    Author:
    Jonathan Locke, Chris Turner, Eelco Hillenius, Juergen Donnerstag, Johan Compagner, Igor Vaynberg (ivaynberg), Martijn Dashorst, James Carman
    • Field Detail

      • DEFAULT_ENCRYPTION_KEY

        public static final String DEFAULT_ENCRYPTION_KEY
        encryption key used by default crypt factory
        See Also:
        Constant Field Values
    • Constructor Detail

      • SecuritySettings

        public SecuritySettings()
    • Method Detail

      • getAuthorizationStrategy

        public IAuthorizationStrategy getAuthorizationStrategy()
        Gets the authorization strategy.
        Returns:
        Returns the authorizationStrategy.
      • getCryptFactory

        public org.apache.wicket.util.crypt.ICryptFactory getCryptFactory()
        Note: Prints a warning to stderr if no factory was set and DEFAULT_ENCRYPTION_KEY is used instead.
        Returns:
        crypt factory used to generate crypt objects
      • getEnforceMounts

        public boolean getEnforceMounts()
        Gets whether page mounts should be enforced. If true, requests for a page will be allowed only if the page has been explicitly mounted in MyApplication#init(). This setting basically disables BookmarkableMapper.
        Returns:
        Whether mounts should be enforced
      • setAuthorizationStrategy

        public SecuritySettings setAuthorizationStrategy(IAuthorizationStrategy strategy)
        Sets the authorization strategy.
        Parameters:
        strategy - new authorization strategy
        Returns:
        this object for chaining
      • setCryptFactory

        public SecuritySettings setCryptFactory(org.apache.wicket.util.crypt.ICryptFactory cryptFactory)
        Sets the factory that will be used to create crypt objects. The crypt object returned from the first call is cached.
        Parameters:
        cryptFactory -
        Returns:
        this object for chaining
      • setRandomSupplier

        public SecuritySettings setRandomSupplier(ISecureRandomSupplier randomSupplier)
        Sets the supplier of secure random data for Wicket. The implementation must use a strong source of random data and be able to generate a lot of random data without running out of entropy.
        Parameters:
        randomSupplier - The new supplier, must not be null.
        Returns:
        this object for chaining
      • setEnforceMounts

        public SecuritySettings setEnforceMounts(boolean enforce)
        Sets whether mounts should be enforced. If true, requests for mounted targets have to be done through the mounted paths. If, for instance, a bookmarkable page is mounted to a path, a request to that same page via the bookmarkablePage parameter will be denied.
        Parameters:
        enforce - Whether mounts should be enforced
        Returns:
        this object for chaining
      • getUnauthorizedResourceRequestListener

        public IUnauthorizedResourceRequestListener getUnauthorizedResourceRequestListener()
        Returns:
        The listener that will be used when a request to an IResource is not allowed for some reason
      • setUnauthorizedResourceRequestListener

        public SecuritySettings setUnauthorizedResourceRequestListener(IUnauthorizedResourceRequestListener listener)
        Sets a listener that will be used when a request to an IResource is not allowed for some reason.
        Parameters:
        listener - The listener
        Returns:
        this object for chaining
      • getAuthenticationStrategy

        public IAuthenticationStrategy getAuthenticationStrategy()
        Gets the authentication strategy.
        Returns:
        Returns the authentication strategy.
      • setAuthenticationStrategy

        public SecuritySettings setAuthenticationStrategy(IAuthenticationStrategy strategy)
        Sets the authentication strategy.
        Parameters:
        strategy - new authentication strategy
        Returns:
        this object for chaining
      • setCrossOriginOpenerPolicyConfiguration

        public SecuritySettings setCrossOriginOpenerPolicyConfiguration(CrossOriginOpenerPolicyConfiguration.CoopMode mode,
                                                                        String... exemptions)
        Sets the Cross-Origin Opener Policy's mode and exempted paths. The config values are only read once at startup in Application#initApplication(); changing the config at runtime will have no effect.
        Parameters:
        mode - CoopMode, one of the 4 values: UNSAFE_NONE, SAME_ORIGIN, SAME_ORIGIN_ALLOW_POPUPS, DISABLED
        exemptions - exempted paths for which COOP will be disabled
        Returns:
      • setCrossOriginEmbedderPolicyConfiguration

        public SecuritySettings setCrossOriginEmbedderPolicyConfiguration(CrossOriginEmbedderPolicyConfiguration.CoepMode mode,
                                                                          String... exemptions)
        Sets the Cross-Origin Embedder Policy's mode and exempted paths. The config values are only read once at startup in Application#initApplication(); changing the config at runtime will have no effect.
        Parameters:
        mode - CoepMode, one of the 3 values: ENFORCING, REPORTING, DISABLED
        exemptions - exempted paths for which COEP will be disabled
        Returns:
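
An added example, not part of the original Javadoc or of Wicket's own sources, showing the setters above applied together at startup: the crypt factory is replaced so DEFAULT_ENCRYPTION_KEY is never used, mounts are enforced, and COOP/COEP are configured once in init(). MyApplication, HomePage, ReportPage and the paths are hypothetical; the import packages and KeyInSessionSunJceCryptFactory are assumed from Wicket 9.

```java
import org.apache.wicket.Page;
import org.apache.wicket.coep.CrossOriginEmbedderPolicyConfiguration.CoepMode;
import org.apache.wicket.coop.CrossOriginOpenerPolicyConfiguration.CoopMode;
import org.apache.wicket.core.util.crypt.KeyInSessionSunJceCryptFactory;
import org.apache.wicket.markup.html.WebPage;
import org.apache.wicket.protocol.http.WebApplication;
import org.apache.wicket.settings.SecuritySettings;

// Hypothetical application class; the name follows MyApplication#init() in the text.
public class MyApplication extends WebApplication {

    @Override
    public Class<? extends Page> getHomePage() {
        return HomePage.class;
    }

    @Override
    protected void init() {
        super.init();
        SecuritySettings security = getSecuritySettings();

        // Set a factory before anything calls getCryptFactory(): otherwise the
        // fallback built on DEFAULT_ENCRYPTION_KEY (a public constant) is used
        // and a warning goes to stderr. This factory keeps a generated key in
        // each user's HTTP session instead of one shared, well-known key.
        security.setCryptFactory(new KeyInSessionSunJceCryptFactory());

        // Mount every page meant to be reachable, then enforce mounts so a
        // mounted page is served only through its mounted path.
        mountPage("/reports", ReportPage.class);
        security.setEnforceMounts(true);

        // COOP and COEP are read once at startup, so they are set here and not
        // changed later. The exempted paths are constructed sample values.
        security.setCrossOriginOpenerPolicyConfiguration(
                CoopMode.SAME_ORIGIN, "/oauth/callback");
        security.setCrossOriginEmbedderPolicyConfiguration(
                CoepMode.REPORTING, "/embed");
    }
}

// Hypothetical pages; each needs its own markup file to render.
class HomePage extends WebPage {
}

class ReportPage extends WebPage {
}
```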