I think the 4-th option will be the best way to do it. As an external
solution you can consider Spring Security or Apache Shiro
2014/1/16 Martin Grigorov mgrigo...@apache.org
Hi,
4) Add a Servlet Filter *before* WicketFilter in web.xml
The new filter will check whether there is an
But there is one big disadvantage of variant 4 (actually variant 1
partially has this one too):
Authentication should performed only when user steps to some secured page.
And it's not a way to separate secured and unsecured pages by url, because
it might be dynamic. Filter can't be aware of what's
Hi Ilia,
Option #6 is to have your own JAAS Login Module performing the
authentication to the external system.
The JAAS module is referenced in your AS config and its named policy is
called through JNDI in the #authenticate method, with the user/pwd the user
will supply.
In addition your can
Hi,
4) Add a Servlet Filter *before* WicketFilter in web.xml
The new filter will check whether there is an authenticated user or not and
do whatever is needed
Martin Grigorov
Wicket Training and Consulting
On Thu, Jan 16, 2014 at 9:29 AM, Илья Нарыжный phan...@ydn.ru wrote:
Guys,
Please