You could take a look at http://wicketstuff.org/wicketsecurity/basichttp/ It does the same with standard http headers. Source http://wicket-stuff.svn.sourceforge.net/svnroot/wicket-stuff/trunk/wicket-security/examples/all_in_one/src/main/java/org/apache/wicket/security/examples/httplogin/basic although if you want to get it running / compiling you want to check out from here http://wicket-stuff.svn.sourceforge.net/svnroot/wicket-stuff/trunk/wicket-security/
Maurice On Mon, May 19, 2008 at 4:32 PM, Igor Vaynberg <[EMAIL PROTECTED]> wrote: > On Mon, May 19, 2008 at 6:08 AM, Lauri Lehtinen > <[EMAIL PROTECTED]> wrote: >> Hello - >> >> I am in the process of porting a Struts application into Wicket, and would >> appreciate some insights regarding an upcoming task: >> >> I need to implement automatic sign-on based on the value of a custom HTTP >> header in the request, if the request is coming from a specific IP range. >> >> For those familiar with Struts - previously this has been handled using >> custom RequestProcessors, where you have access to the HttpServletRequest >> object. >> >> I have taken a look at the Wicket API, and ended up obeying the advice to >> mail this list before depending on WebRequest's getHttpServletRequest() >> method directly. >> >> So, my main questions: >> >> - Does Wicket provide access to custom HTTP headers in a request via other >> means than getHttpServletRequest()? > > i dont see why not, you know you are running in a webapp... > >> - Where in the Wicket land would YOU place the code responsible for >> automatic sign-on (every request that needs sign-on should go through that >> code before sending to a login page)? > > the code should go into IAuthorizationStrategy implementation, > probably on isInstantiationAuthorized. IAuthorizationStrategy is your > single point for security-related things. > > -igor > >> >> Thank you in advance for any comments on this. >> >> Best regards, >> Lauri Lehtinen >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
