Taking a moment ...
This is an appropriate moment to explicitly say a sincere thanks and reiterate my respect and gratitude to everyone that has contributed to Wicket, all the useful satellite projects, and to this forum, the quality and value of which I have not witnessed on any other medium, free or paid-for! In 2011 we are looking forward to formally moving up to Wicket 1.5, more wide-spread and imaginative use of Brix to help it also evolve to meet its potential, and who knows, maybe even more people building interesting apps on Wicket and Scala! I wish you a merry Xmas and a 2011 full of good health, happiness and enjoyable projects. Regards - Cemal jWeekend Training, Consulting, Development http://jWeekend.com - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: Taking a moment ...
Thanks Cemal. 2010/12/24 Cemal Bayramoglu jweekend_for...@cabouge.com This is an appropriate moment to explicitly say a sincere thanks and reiterate my respect and gratitude to everyone that has contributed to Wicket, all the useful satellite projects, and to this forum, the quality and value of which I have not witnessed on any other medium, free or paid-for! In 2011 we are looking forward to formally moving up to Wicket 1.5, more wide-spread and imaginative use of Brix to help it also evolve to meet its potential, and who knows, maybe even more people building interesting apps on Wicket and Scala! I wish you a merry Xmas and a 2011 full of good health, happiness and enjoyable projects. Regards - Cemal jWeekend Training, Consulting, Development http://jWeekend.com - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org -- *Altuğ* *www.kodcu.com* http://www.kodcu.com**
Simple way to show image on WebPage
Hello, I've folder of images such as $PROJECT_ROOT/images/ and in $PROJECT_ROOT/src/main/java/org/myproject/myprofile/MyProfilePage.java: package org.myproject.myprofile; public class MyProfilePage extends WebPage { ... public MyProfilePage() { ... class MyProfileForm extends Form { ... // user.getImagePath() return for example images/1 add(new Image(myimage, user.getImagePath())); but it's create 404-link: http://localhost:8081/myproject/resources/org.myproject.myprofile.MyProfilePage/images/1_de_DE What is the best way for this, if I need session-binded images? Thanks! - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: adding behaviour to a panel
I was wrong the script was rendered I saw using firebug and found the script , but noticed that old script are not removed till the page is refreshed, suppose my panel added some scripts and css and onclick of ajax button I repalced the panel with new panel and it does not need the behaviour added by previous panel , still the header has this script is this normal ? -- View this message in context: http://apache-wicket.1842946.n4.nabble.com/adding-behaviour-to-a-panel-tp3162852p3163221.html Sent from the Users forum mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Happy Christmas good new year!
Yet another year with Wicket evolving and new wicket stuffings. Thanks to the wicket developers Wicket stuffers for making my life better, and improving my code :) live long and prosper :) regards Nino
eHour
A framework for timesheet management based on Wicket: eHour. http://javajeedevelopment.blogspot.com/2010/12/ehour-timesheet-management.html
Re: eHour
~tedeling++ ;-) On Fri, Dec 24, 2010 at 3:42 PM, moèz ben rhouma benrhouma.m...@gmail.comwrote: A framework for timesheet management based on Wicket: eHour. http://javajeedevelopment.blogspot.com/2010/12/ehour-timesheet-management.html
[ANNOUNCE] Wicket 1.4.15 released
The Wicket development team is proud to announce that we have released Wicket 1.4.15. This is a bugfix and minor improvement release in the 1.4.x (stable) branch. To download: http://www.apache.org/dyn/closer.cgi/wicket/1.4.15 Release Tag: http://svn.apache.org/repos/asf/wicket/releases/wicket-1.4.15/ Changelog: https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310561styleName=Htmlversion=12315900 To use with Maven (the recommended way to use Wicket): dependency groupIdorg.apache.wicket/groupId artifactIdwicket/artifactId version1.4.15/version /dependency -- Jeremy Thomerson http://wickettraining.com Need a CMS for Wicket? Use Brix! http://brixcms.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: Authorization through Spring Security
The key for using Wicket authorization annotations is to implement IAuthorizationStrategy and IUnauthorizedComponentInstantiationListener. When you get called in those methods, you can call out to Spring Security to check how to proceed. Just implement the methods with stubs, set breakpoints there, and look at what you are passed. All will be clear, it's really easy to use. Doing it with intercept URLs might work for a few pages that you have mounted in Wicket, but in the end, every new page is going to have to be set up perfectly. It's not worth it go go that route. Brian On Dec 24, 2010, at 2:38 AM, Dmytro Seredenko wrote: Guys, did anyone use Spring Security intercept-url for managing authorization for Wicket-driven webapp? It's still unclear to me: can I use SS 3 as an authorization tool with configuration like: security:http create-session=never auto-config=true security:intercept-url pattern=/admin access=ROLE_ADMIN/ security:intercept-url pattern=/**/ /security:http or there is no way to omit wicket-auth-roles? P.S. Although Wicket 'auth' annotations work, I couldn't make it work with Spring Security only. Thanks, Dmytro. - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: Simple way to show image on WebPage
Hi Anton, I've used class ContextImage in a situation like this, but folder containing images must be inside WebContent folder, at the same level of WEB-INF folder. In this scenario you should be able to access your images writing something like this add(new ContextImage(icon, images/imageFileName.jpg)); where 'images' is the folder containing images. Hello, I've folder of images such as $PROJECT_ROOT/images/ and in $PROJECT_ROOT/src/main/java/org/myproject/myprofile/MyProfilePage.java: package org.myproject.myprofile; public class MyProfilePage extends WebPage { ... public MyProfilePage() { ... class MyProfileForm extends Form { ... // user.getImagePath() return for example images/1 add(new Image(myimage, user.getImagePath())); but it's create 404-link: http://localhost:8081/myproject/resources/org.myproject.myprofile.MyProfilePage/images/1_de_DE What is the best way for this, if I need session-binded images? Thanks! - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: Authorization through Spring Security
Hi Brian, thanks for your response, I'll definitely try proposed approach. The reasons to manage Sprimg Security 3 authorization are: - to have one security framework for authentication and authorization (which is more naturally than having two) - to have https configuration based on intercept urls (I'm not sure Wicket can offer this) - to use Spring expressions for authorization I don't see a way how to achieve the mentioned goals using Wicket auth-roles. Thanks, Dmytro. On Fri, Dec 24, 2010 at 8:40 AM, Brian Topping topp...@codehaus.org wrote: The key for using Wicket authorization annotations is to implement IAuthorizationStrategy and IUnauthorizedComponentInstantiationListener. When you get called in those methods, you can call out to Spring Security to check how to proceed. Just implement the methods with stubs, set breakpoints there, and look at what you are passed. All will be clear, it's really easy to use. Doing it with intercept URLs might work for a few pages that you have mounted in Wicket, but in the end, every new page is going to have to be set up perfectly. It's not worth it go go that route. Brian On Dec 24, 2010, at 2:38 AM, Dmytro Seredenko wrote: Guys, did anyone use Spring Security intercept-url for managing authorization for Wicket-driven webapp? It's still unclear to me: can I use SS 3 as an authorization tool with configuration like: security:http create-session=never auto-config=true security:intercept-url pattern=/admin access=ROLE_ADMIN/ security:intercept-url pattern=/**/ /security:http or there is no way to omit wicket-auth-roles? P.S. Although Wicket 'auth' annotations work, I couldn't make it work with Spring Security only. Thanks, Dmytro. - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org -- Best regards, Dmytro Seredenko
Re: eHour
Heyy that looks familiar :) On Dec 24, 2010, at 16:12, Martin Grigorov mgrigo...@apache.org wrote: ~tedeling++ ;-) On Fri, Dec 24, 2010 at 3:42 PM, moèz ben rhouma benrhouma.m...@gmail.comwrote: A framework for timesheet management based on Wicket: eHour. http://javajeedevelopment.blogspot.com/2010/12/ehour-timesheet-management.html - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: Authorization through Spring Security
On Fri, Dec 24, 2010 at 11:40 AM, Brian Topping topp...@codehaus.org wrote: The key for using Wicket authorization annotations is to implement IAuthorizationStrategy and IUnauthorizedComponentInstantiationListener. When you get called in those methods, you can call out to Spring Security to check how to proceed. Just implement the methods with stubs, set breakpoints there, and look at what you are passed. All will be clear, it's really easy to use. Yeah, mimicking what auth-roles does to check its own annotations should be quite trivial. Brian has pretty much given you the recipe here. Doing it with intercept URLs might work for a few pages that you have mounted in Wicket, but in the end, every new page is going to have to be set up perfectly. It's not worth it go go that route. It will work fine for mounted bookmarkable pages, but it will get a little crazy once you start getting into listeners and stuff. You could use AspectJ to weave your classes so that they have the security stuff baked in. Then, they'll throw the proper exceptions and if you use the request cycle trick I showed you, it will forward to the login page. - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: Authorization through Spring Security
Thanks guys, now I'm getting full picture. James, did you apply AOP approach you mentioned, or you went Wicket-way ? On Fri, Dec 24, 2010 at 11:39 AM, James Carman ja...@carmanconsulting.comwrote: On Fri, Dec 24, 2010 at 11:40 AM, Brian Topping topp...@codehaus.org wrote: The key for using Wicket authorization annotations is to implement IAuthorizationStrategy and IUnauthorizedComponentInstantiationListener. When you get called in those methods, you can call out to Spring Security to check how to proceed. Just implement the methods with stubs, set breakpoints there, and look at what you are passed. All will be clear, it's really easy to use. Yeah, mimicking what auth-roles does to check its own annotations should be quite trivial. Brian has pretty much given you the recipe here. Doing it with intercept URLs might work for a few pages that you have mounted in Wicket, but in the end, every new page is going to have to be set up perfectly. It's not worth it go go that route. It will work fine for mounted bookmarkable pages, but it will get a little crazy once you start getting into listeners and stuff. You could use AspectJ to weave your classes so that they have the security stuff baked in. Then, they'll throw the proper exceptions and if you use the request cycle trick I showed you, it will forward to the login page. - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org -- Best regards, Dmytro Seredenko
Re: Authorization through Spring Security
On Fri, Dec 24, 2010 at 1:39 PM, James Carman ja...@carmanconsulting.com wrote: Doing it with intercept URLs might work for a few pages that you have mounted in Wicket, but in the end, every new page is going to have to be set up perfectly. It's not worth it go go that route. It will work fine for mounted bookmarkable pages, but it will get a little crazy once you start getting into listeners and stuff. You could use AspectJ to weave your classes so that they have the security stuff baked in. Then, they'll throw the proper exceptions and if you use the request cycle trick I showed you, it will forward to the login page. This is the key that most people miss. You can *only* secure the *initial view* of a bookmarkable / mounted page through URL-based security. As soon as I submit a form, click a link, or use an AJAX behavior, I go to a non-bookmarkable URL that is session dependent and you *can not* use URL based security for this. Even with the hybrid strategy. See [1] for more information about how URLs work. [1] http://apache-wicket.1842946.n4.nabble.com/urls-after-a-form-submission-tp2965981p2966109.html -- Jeremy Thomerson http://wickettraining.com Need a CMS for Wicket? Use Brix! http://brixcms.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: Authorization through Spring Security
Ok, things become more complex :) Guys, here is the trivial task I'm trying to resolve: provide authentication against datasource (using custom AuthenticationProvider) + authorization based on a set of criteria (user role - one of them) + secure specific pages. I try to solve it using old-school approach with Spring + Spring Security + web framework (Wicket in this case). However looks like not so many people go this way. Can someone who has Wicket experience describe Wicket-friendly solution for that? Do you really use Wicket security for all levels of you app? Or you're using Apache Shiro every time when you choose Wicket as a web framework? P.S. There is not much information about Wicket security strategy on the site and most of it is outdated. I believe some rough design pattern for the task I described will be really useful for other people. On Fri, Dec 24, 2010 at 6:04 PM, Jeremy Thomerson jer...@wickettraining.com wrote: On Fri, Dec 24, 2010 at 1:39 PM, James Carman ja...@carmanconsulting.com wrote: Doing it with intercept URLs might work for a few pages that you have mounted in Wicket, but in the end, every new page is going to have to be set up perfectly. It's not worth it go go that route. It will work fine for mounted bookmarkable pages, but it will get a little crazy once you start getting into listeners and stuff. You could use AspectJ to weave your classes so that they have the security stuff baked in. Then, they'll throw the proper exceptions and if you use the request cycle trick I showed you, it will forward to the login page. This is the key that most people miss. You can *only* secure the *initial view* of a bookmarkable / mounted page through URL-based security. As soon as I submit a form, click a link, or use an AJAX behavior, I go to a non-bookmarkable URL that is session dependent and you *can not* use URL based security for this. Even with the hybrid strategy. See [1] for more information about how URLs work. [1] http://apache-wicket.1842946.n4.nabble.com/urls-after-a-form-submission-tp2965981p2966109.html -- Jeremy Thomerson http://wickettraining.com Need a CMS for Wicket? Use Brix! http://brixcms.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org -- Best regards, Dmytro Seredenko