The default auth-roles project is just an example of how to do *simple* authentication and authorization. It only supports 3 roles: not logged in, logged in user and administrator. For more complex things or flexibility you'll need something like Apache Shiro, Wicket Security (now hosted on wicket stuff), or spring security.
Some applications are a hybrid of old Spring MVC pages/insert other framework that use [spring security|shiro]. Migrating those applications to Wicket could leave the old pages alive, using the spring security stuff. Wicket being secure by default is different from having an authorization/authentication scheme out of the box. Security frameworks are just as encompassing as ORM frameworks. Java comes with JDBC, so why use Hibernate? Martijn On Mon, Sep 19, 2011 at 9:55 AM, Zilvinas Vilutis <cika...@gmail.com> wrote: > Hi all Wicket users. > > While I was trying to design a wicket app in my mind - the first thing > I thought of was authentication and ( spring ) security. > > I know that "wicket is secure" by default ( a quote from wicket > features? :), we can use wicket auth & annotation based security. > Wicket will automatically redirect to original page after login. > > So...did anyone think of it - what is the real reason to use spring or > other security framework ( shiro? ) for authentication? what benefits > does it bring apart from some standards & overhead for the app? is it > integration with other auth systems ( OpenID, Facebook login or > whatever )? or what? > > Just pennies for thought... > > Žilvinas Vilutis > > Mobile: (+1) 623 330 6048 > E-mail: cika...@gmail.com > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@maven.apache.org > For additional commands, e-mail: users-h...@maven.apache.org > > -- Become a Wicket expert, learn from the best: http://wicketinaction.com --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@maven.apache.org For additional commands, e-mail: users-h...@maven.apache.org