Hi Tom,
Igor covers IAuthorizationStrategy (very nicely, I might add) in his
book, at least the version I have.
I'm talking about IAuthenticationStrategy.
Cheers,
Jesse
On 25/10/2012 19:35, Burton, Tom F (DOR) wrote:
I'm still using 1.5 but I thought IAuthenticationStrategy was for end user use.
After reading security Chapter of Igor's "Apache Wicket Cookbook" I began
converting my authentication mechanism to using IAuthenticationStrategy. (Although
Admittedly I'm doing page level auth. I still haven't implemented any page component
level permissions yet.)
Just my $0.02,
Tom Burton
-----Original Message-----
From: Jesse Long [mailto:[email protected]]
Sent: Thursday, October 25, 2012 9:19 AM
To: [email protected]
Subject: Remove IAuthenticationStrategy in 7
Hi all,
IAuthenticationStrategy is pretty much only used by wicket-authroles.
This was enough cause to get Session#authenticate kicked out.
Also, the interface makes some assumptions about username and password being
the only possible authentication tokens.
Maybe it should be moved to wicket-authroles using a
Application.getMetaData() type implementation in 7?
Thoughts?
Thanks,
Jesse
