Re: intercept security check in wicket-auth-roles
You don't have to use the spring xml config files to use Sprint Security. Just instantiate the beans from code! There is a small catch, you'll need to know something about Spring callbacks. These are some interface that Spring will automatically call. These are: InitializingBean, BeanNameAware, BeanFactoryAware and ApplicationContextAware. Hopefully Spring Security does not depend on them. But there are other options like jsecurity and lots of options on http://wicketstuff.org/confluence/display/STUFFWIKI/Wiki. Regards, Erik. Brill Pappin wrote: Thanks for the heads up. I'll have to look at the security project again, but one thing I really like about auth-roles is that is so amazingly simply to deploy... however, I don't use spring (I'm a detractors of frameworks that use metadata where code should be) so I don't think its going to be any use to me here. - Brill On 11-Jul-09, at 3:47 AM, Olger Warnier wrote: The wicket-security framework has possibilities to integrate with SSO mechanisms. Next to that, you can integrate with spring-security and all authentication mechanisms supported by that. The yahoo-bbauth sample may help you to get an idea on how that works. Olger On 11 jul 2009, at 08:09, Brill Pappin wrote: I actually find it very usable and i love how simple it is... does the new security framework have a similar simple method of securing a site like that? - Brill On 3-Jul-09, at 11:34 AM, Igor Vaynberg wrote: wicket auth roles is an example, not a reusable framework. you should copy and paste the code into your project and customize as needed. -igor On Fri, Feb 20, 2009 at 8:30 AM, Brill Pappinbr...@pappin.ca wrote: I'm trying to integrate wicket-auth-roles with a token based SSO security system. I can't see where I can intercept the authentication sequence and auto-login the user based on the token. Essentially i want to catch the authentication request and authorize the user based on a token before they are redirected to the login page. Does anyone have a clue how I might go about doing that? Unfortunately most places I've looked to over ride the sequence are marked final for some reason, which makes things difficult. I'm actually at the point now where I'm thinking of writing a new auth-roles based on the current lib, but I thought I'd ask first. ... and no, I don't want to use the other more complex security lib... auth-roles is very nice and simple to use and suitable for most applications. - Brill Pappin - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org -- Erik van Oosten http://day-to-day-stuff.blogspot.com/ - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: intercept security check in wicket-auth-roles
JSecurity has been renamed to Apache Shiro and is referenced in the linked page as 'wicket-shiro'. Cheers, Les On Mon, Jul 13, 2009 at 3:41 AM, Erik van Oosten e.vanoos...@grons.nlwrote: You don't have to use the spring xml config files to use Sprint Security. Just instantiate the beans from code! There is a small catch, you'll need to know something about Spring callbacks. These are some interface that Spring will automatically call. These are: InitializingBean, BeanNameAware, BeanFactoryAware and ApplicationContextAware. Hopefully Spring Security does not depend on them. But there are other options like jsecurity and lots of options on http://wicketstuff.org/confluence/display/STUFFWIKI/Wiki. Regards, Erik. Brill Pappin wrote: Thanks for the heads up. I'll have to look at the security project again, but one thing I really like about auth-roles is that is so amazingly simply to deploy... however, I don't use spring (I'm a detractors of frameworks that use metadata where code should be) so I don't think its going to be any use to me here. - Brill On 11-Jul-09, at 3:47 AM, Olger Warnier wrote: The wicket-security framework has possibilities to integrate with SSO mechanisms. Next to that, you can integrate with spring-security and all authentication mechanisms supported by that. The yahoo-bbauth sample may help you to get an idea on how that works. Olger On 11 jul 2009, at 08:09, Brill Pappin wrote: I actually find it very usable and i love how simple it is... does the new security framework have a similar simple method of securing a site like that? - Brill On 3-Jul-09, at 11:34 AM, Igor Vaynberg wrote: wicket auth roles is an example, not a reusable framework. you should copy and paste the code into your project and customize as needed. -igor On Fri, Feb 20, 2009 at 8:30 AM, Brill Pappinbr...@pappin.ca wrote: I'm trying to integrate wicket-auth-roles with a token based SSO security system. I can't see where I can intercept the authentication sequence and auto-login the user based on the token. Essentially i want to catch the authentication request and authorize the user based on a token before they are redirected to the login page. Does anyone have a clue how I might go about doing that? Unfortunately most places I've looked to over ride the sequence are marked final for some reason, which makes things difficult. I'm actually at the point now where I'm thinking of writing a new auth-roles based on the current lib, but I thought I'd ask first. ... and no, I don't want to use the other more complex security lib... auth-roles is very nice and simple to use and suitable for most applications. - Brill Pappin - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org -- Erik van Oosten http://day-to-day-stuff.blogspot.com/ - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: intercept security check in wicket-auth-roles
Thanks for the heads up. I'll have to look at the security project again, but one thing I really like about auth-roles is that is so amazingly simply to deploy... however, I don't use spring (I'm a detractors of frameworks that use metadata where code should be) so I don't think its going to be any use to me here. - Brill On 11-Jul-09, at 3:47 AM, Olger Warnier wrote: The wicket-security framework has possibilities to integrate with SSO mechanisms. Next to that, you can integrate with spring-security and all authentication mechanisms supported by that. The yahoo-bbauth sample may help you to get an idea on how that works. Olger On 11 jul 2009, at 08:09, Brill Pappin wrote: I actually find it very usable and i love how simple it is... does the new security framework have a similar simple method of securing a site like that? - Brill On 3-Jul-09, at 11:34 AM, Igor Vaynberg wrote: wicket auth roles is an example, not a reusable framework. you should copy and paste the code into your project and customize as needed. -igor On Fri, Feb 20, 2009 at 8:30 AM, Brill Pappinbr...@pappin.ca wrote: I'm trying to integrate wicket-auth-roles with a token based SSO security system. I can't see where I can intercept the authentication sequence and auto-login the user based on the token. Essentially i want to catch the authentication request and authorize the user based on a token before they are redirected to the login page. Does anyone have a clue how I might go about doing that? Unfortunately most places I've looked to over ride the sequence are marked final for some reason, which makes things difficult. I'm actually at the point now where I'm thinking of writing a new auth-roles based on the current lib, but I thought I'd ask first. ... and no, I don't want to use the other more complex security lib... auth-roles is very nice and simple to use and suitable for most applications. - Brill Pappin - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: intercept security check in wicket-auth-roles
I actually took the wicket-auth-roles and rolled a custom solution. I'd put it up but never went back to make sure it was properly tested for distribution :) - brill On 3-Jul-09, at 6:28 AM, fstof wrote: Any luck with this? I'm looking to do the same thing, but how Brill Pappin wrote: I'm trying to integrate wicket-auth-roles with a token based SSO security system. I can't see where I can intercept the authentication sequence and auto-login the user based on the token. Essentially i want to catch the authentication request and authorize the user based on a token before they are redirected to the login page. Does anyone have a clue how I might go about doing that? Unfortunately most places I've looked to over ride the sequence are marked final for some reason, which makes things difficult. I'm actually at the point now where I'm thinking of writing a new auth- roles based on the current lib, but I thought I'd ask first. ... and no, I don't want to use the other more complex security lib... auth-roles is very nice and simple to use and suitable for most applications. - Brill Pappin - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org -- View this message in context: http://www.nabble.com/intercept-security-check-in-wicket-auth-roles-tp22122773p24320938.html Sent from the Wicket - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: intercept security check in wicket-auth-roles
I actually find it very usable and i love how simple it is... does the new security framework have a similar simple method of securing a site like that? - Brill On 3-Jul-09, at 11:34 AM, Igor Vaynberg wrote: wicket auth roles is an example, not a reusable framework. you should copy and paste the code into your project and customize as needed. -igor On Fri, Feb 20, 2009 at 8:30 AM, Brill Pappinbr...@pappin.ca wrote: I'm trying to integrate wicket-auth-roles with a token based SSO security system. I can't see where I can intercept the authentication sequence and auto-login the user based on the token. Essentially i want to catch the authentication request and authorize the user based on a token before they are redirected to the login page. Does anyone have a clue how I might go about doing that? Unfortunately most places I've looked to over ride the sequence are marked final for some reason, which makes things difficult. I'm actually at the point now where I'm thinking of writing a new auth-roles based on the current lib, but I thought I'd ask first. ... and no, I don't want to use the other more complex security lib... auth-roles is very nice and simple to use and suitable for most applications. - Brill Pappin - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: intercept security check in wicket-auth-roles
The wicket-security framework has possibilities to integrate with SSO mechanisms. Next to that, you can integrate with spring-security and all authentication mechanisms supported by that. The yahoo-bbauth sample may help you to get an idea on how that works. Olger On 11 jul 2009, at 08:09, Brill Pappin wrote: I actually find it very usable and i love how simple it is... does the new security framework have a similar simple method of securing a site like that? - Brill On 3-Jul-09, at 11:34 AM, Igor Vaynberg wrote: wicket auth roles is an example, not a reusable framework. you should copy and paste the code into your project and customize as needed. -igor On Fri, Feb 20, 2009 at 8:30 AM, Brill Pappinbr...@pappin.ca wrote: I'm trying to integrate wicket-auth-roles with a token based SSO security system. I can't see where I can intercept the authentication sequence and auto-login the user based on the token. Essentially i want to catch the authentication request and authorize the user based on a token before they are redirected to the login page. Does anyone have a clue how I might go about doing that? Unfortunately most places I've looked to over ride the sequence are marked final for some reason, which makes things difficult. I'm actually at the point now where I'm thinking of writing a new auth-roles based on the current lib, but I thought I'd ask first. ... and no, I don't want to use the other more complex security lib... auth-roles is very nice and simple to use and suitable for most applications. - Brill Pappin - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: intercept security check in wicket-auth-roles
Any luck with this? I'm looking to do the same thing, but how Brill Pappin wrote: I'm trying to integrate wicket-auth-roles with a token based SSO security system. I can't see where I can intercept the authentication sequence and auto-login the user based on the token. Essentially i want to catch the authentication request and authorize the user based on a token before they are redirected to the login page. Does anyone have a clue how I might go about doing that? Unfortunately most places I've looked to over ride the sequence are marked final for some reason, which makes things difficult. I'm actually at the point now where I'm thinking of writing a new auth- roles based on the current lib, but I thought I'd ask first. ... and no, I don't want to use the other more complex security lib... auth-roles is very nice and simple to use and suitable for most applications. - Brill Pappin - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org -- View this message in context: http://www.nabble.com/intercept-security-check-in-wicket-auth-roles-tp22122773p24320938.html Sent from the Wicket - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: intercept security check in wicket-auth-roles
wicket auth roles is an example, not a reusable framework. you should copy and paste the code into your project and customize as needed. -igor On Fri, Feb 20, 2009 at 8:30 AM, Brill Pappinbr...@pappin.ca wrote: I'm trying to integrate wicket-auth-roles with a token based SSO security system. I can't see where I can intercept the authentication sequence and auto-login the user based on the token. Essentially i want to catch the authentication request and authorize the user based on a token before they are redirected to the login page. Does anyone have a clue how I might go about doing that? Unfortunately most places I've looked to over ride the sequence are marked final for some reason, which makes things difficult. I'm actually at the point now where I'm thinking of writing a new auth-roles based on the current lib, but I thought I'd ask first. ... and no, I don't want to use the other more complex security lib... auth-roles is very nice and simple to use and suitable for most applications. - Brill Pappin - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
intercept security check in wicket-auth-roles
I'm trying to integrate wicket-auth-roles with a token based SSO security system. I can't see where I can intercept the authentication sequence and auto-login the user based on the token. Essentially i want to catch the authentication request and authorize the user based on a token before they are redirected to the login page. Does anyone have a clue how I might go about doing that? Unfortunately most places I've looked to over ride the sequence are marked final for some reason, which makes things difficult. I'm actually at the point now where I'm thinking of writing a new auth- roles based on the current lib, but I thought I'd ask first. ... and no, I don't want to use the other more complex security lib... auth-roles is very nice and simple to use and suitable for most applications. - Brill Pappin - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
