Well if you insist on building your own, even though there are 2 perfectly appliable frameworks for your situation, then why not take a look at how they add the authentication info to the component. I'll save you some time: both use component metadata, you could also like wicket-auth-roles does too, use annotations. But maybe, since you want to do everything yourself you can come up with an new way.
Maurice On Sat, Mar 29, 2008 at 8:04 PM, Vitaly Tsaplin <[EMAIL PROTECTED]> wrote: > Actually I am not going to use anything from wicket staff here. I > have just one role - a user which is logged in :) And so I am just > going to use the RENDER action defined by wicket to avoid an explicit > call of setVisible () and to use authorization mechanism instead to > hide components from guests (who is not logged in). I guess the > isActionAuthorized () method of the IAuthorizationStrategy class is a > rigth place to do the check. The only thing is missing for me is how > to add an auth info to a particular component. This info can be > extracted later by isActionAuthorized () to decide weither rendering > allowed or not. > > > > On Sat, Mar 29, 2008 at 6:54 PM, Maurice Marrink <[EMAIL PROTECTED]> wrote: > > Using either wicket-auth-roles or swarm you typically only declare > > which action you want to check and don't do the actual check yourself > > unless you plan on doing something special. > > How you declare which action is required depends on the security > > framework you are using. > > In wicket-auth-roles you add an AuthorizeActions annotation. > > In swarm you declare permissions in a policy file, which are or are > > not granted to the user. > > > > Maurice > > > > > > > > On Fri, Mar 28, 2008 at 4:42 PM, Vitaly Tsaplin > > <[EMAIL PROTECTED]> wrote: > > > Hi people, > > > > > > My question is simple... :) How to use an action level > > > authorization. I cannot find any info or example. > > > As I can guess I have to associate a role using setMetaData () with > > > a component and then in IAuthorizationStrategy.isActionAuthorized () I > > > do an actual check by taking the associated role from the given > > > component by key and comparing it with a role of a current user. Is it > > > correct guess? > > > > > > Vitaly > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]