i don't think it is possible to do... because HomePage isn't a secure page and then it's not under swarm control when it's rendered. i'm afraid that you have to do by your hand...
but i'm not an expert! ;-) Luca 2009/6/9 Christopher L Merrill <[email protected]> > I have a question about rendering of links to secure pages when the user > has not > been authenticated. > > Based on this line from the tutorial: > "In addition we granted links to our homepage the right to be clicked > (enable)." > I expected the link to either be non-visible or non-clickable - since I did > not grant the > enable permission for this page until login. The link is enabled (though > the user is > redirected to the login page when clicked). > > > > I've made my way through the getting-started guide > ( > http://wicketstuff.org/confluence/display/STUFFWIKI/Getting+started+with+Swarm > ) > and have a simple example working in my prototype. I have 3 pages: > - HomePage (non-secure) > - LoginPage (non-secure...obviously) > - Page2 (secure) > > My authorization file looks like this: > > grant principal > org.apache.wicket.security.hive.authorization.SimplePrincipal "basic" > { > permission > org.apache.wicket.security.hive.authorization.permissions.ComponentPermission > "com.webperformance.portal.web.Page2", "inherit, render"; > permission > org.apache.wicket.security.hive.authorization.permissions.ComponentPermission > "com.webperformance.portal.web.Page2", "enable"; > }; > > When the user logs in, they get the "basic" principal via a > UsernamePasswordContext. > > I have a link from the HomePage to Page2 (secure page). When the HomePage > renders and the > user had not logged in, the link is enabled. Clicking the link does not > take the user to > the page - it takes them to the login page. I was expecting the link to be > disabled - so > you don't even get the clickable cursor for it. Am I simply mistaken in my > understanding > of what "right to be clicked" means? Or have I missed some crucial bit > somewhere to allow > it to function as I expected? > > If user is not authorized for an action, we will either want links to be > disabled (i.e. non- > clickable) or be not rendered at all...depending on the context. Is this > something that > should be done via wasp/swarm or should I be doing this manually during > page construction? > > > TIA! > Chris > > > -- > ------------------------------------------------------------------------ - > Chris Merrill | Web Performance, Inc. > [email protected] | http://webperformance.com > 919-433-1762 | 919-845-7601 > > Website Load Testing and Stress Testing Software & Services > ------------------------------------------------------------------------ - > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
