Hugues Pichereau wrote:
Sebastiaan van Erk wrote:[...] If you do override init, make sure to call super.init()Whao! well done, Sebastiaan, I was overriding init(), and not calling super.init(); Now it works. But what bugs me is that it solves my own application (where init() was overrided), but not the modified Wicket QuickStart application (where init() was NOT overrided) :confused:
Use the same method with breakpoints to check that init() of the AuthenticatedWebApplication is hit. My bet is that you have the wrong application class in your web.xml.
Regards, Sebastiaan
Regards, Hugues Sebastiaan van Erk wrote:[pasted from a private email] Do you have the wicket source attached? Because the best thing to do is just to step through the process.First place to start is to see if init() method is called in AuthenticatedWebApplication. (In your code below you do not override init, so it should be called. If you do override init, make sure to call super.init()).If the init method is called, put a breakpoint in the AnnotationsRoleAuthorizationStrategy on the isInstantiationAuthorized method and see if that gets hit.Regards, SebastiaanSebastiaan van Erk wrote:Looks good to me.I'm using just like you are. Are you sure that your wicket application class is correct (i.e., that your filter is actually using WicketApplication, and not WebApplication or something like that)?I sugguest putting some breakpoints and checking the logs. Your getHomePageClass() should be called for example, so putting a breakpoint there will tell you if your starting the correct application. Or a breakpoint in getWebSessionClass() will tell you if the authentication is being initalized.... etc...Regards, Sebastiaan Hugues Pichereau wrote:Hi, I would like to use Wicket authentication, as in the examples. So I modified the Wicket QuickStart project to use authentication, like this: public class WicketApplication extends AuthenticatedWebApplication { public WicketApplication() { } public Class getHomePage() { return HomePage.class; } @Override protected Class<? extends WebPage> getSignInPageClass() { return LoginPage.class; } @Override protected Class<? extends AuthenticatedWebSession> getWebSessionClass() { return WicketSession.class; } } public class WicketSession extends AuthenticatedWebSession { public WicketSession(AuthenticatedWebApplication application, Request request) { super(application, request); } @Override public boolean authenticate(String arg0, String arg1) { return false; // should block everybody } @Override public Roles getRoles() { return null; } } HomePage.html has:# Admin pagepublic class HomePage extends WebPage { public HomePage(final PageParameters parameters) { add(new PageLink("goto-admin", AdminPage.class)); } } LoginPage.html has: public final class LoginPage extends SignInPage { } And finally, the admin page to protect: @AuthorizeInstantiation("USER") public class AdminPage extends WebPage { } The problem is that a click from the HomePage always brings theAdminPage, without any LoginPage displayed.I used Wicket 1.3 beta4. After reading the Wicket example and 2 tutorials on authentication, I really can't see what I'm missing. Any idea ? Hugues
smime.p7s
Description: S/MIME Cryptographic Signature
