Re: Wicket-auth-roles + EJB 3 (Authentication and Authorization)

Sun, 22 Mar 2009 23:51:51 -0700 

Hi Barry,
I've running three webapps using wicket (1.3) wicket-security (SWARM/WASP) together with JAAS. 
It's working great. Ok, the logout isn't very nice but it's doing it's job.
At first I had the same impression that's a hack and complicated but now, using it several times. It looks easy and it makes sense to me. 

Thinks I had to do:
- Create a "CustomPrincipal"

   Just let it implement 
"org.apache.wicket.security.hive.authorization.Principal"
  
- Create a "CustomSubject"

   Extends "org.apache.wicket.security.hive.authentication.DefaultSubject"

- Create a "CustomLoginContext"
   Extends "org.apache.wicket.security.hive.authentication.LoginContext"
   implement the JAAS Login in the login() method of the CustomLoginContext

   and take care that the subject is filled with the username and the 
gorups (of jaas)

   are filled in as principals in the subject.

- Modify your WebApplication to extend Swam
   Extend "org.apache.wicket.security.swarm.SwarmWebApplication"
   implement setUpHive and getLoginPage

- create your hive-file.


You wanted to use w1.4, so I think that you'll have to patch swarm/wasp 
a little bit to work with 1.4


M.

  


Barry van Someren schrieb:

Hi all,

I've been busy on a project of mine that uses Wicket 1.4 RC 2 as a
frontend to a collection of EJB3 beans containing my business logic.
As users of this application will be able to use webservices as well
to use the application I'd also like to use authentication and more
importantly authorization on the side of the EJB's

I'm fairly familiar with EJB security but not very familiar with
Wicket security and I'm wondering what is the best course of action to
authenticate a user inside the Wicket application AND to put these
credentials inside the EJBContext?
I'm looking at 
http://cwiki.apache.org/WICKET/servlet-container-authentication.html
and seeing if I can somehow integrate the two, but it sounds a bit
like a hack.

Any other suggestions worth looking at?
Google is not returning much unfortunately.

Many thanks!


  



---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]























					Reply via email to