there is no mechanism in pure java that would allow us to intercept an instantiation and execute something before that. we could do that with aop but that would force whatever aop solution we choose into your projects.
so we do the next best thing, we call the auth strategy from the Page constructor. what this means is that this is called as soon as you instantiate the page but *before* any code in any other subclass constructors runs. this is why isinstantiationauthorized gets a class and not an instance - because the instance is not yet fully constructed. so the auth code does run *before* your code. -igor On Thu, Jul 2, 2009 at 3:06 AM, Daniele Dellafiore<ilde...@gmail.com> wrote: > Hi everyone. I noticed this strange behavior this way. I mounted > MyPage to /mypage and if IO point to: > > http://localhost:8080/myapp/mypage > > before being authenticated, instead of being redirected to the > LoginPage I receive a blank page. The reason is in MyPage constructor > I try to access to the user, that is null so I get a NullPointer. > Now, the user is never supposed to be null cause MyPage is a > SecureWebPage so I expect it get instantiated just after being > authenticated. > > Now, I made some debug and have seen that the constructor of MyPage is > invoked before any calls to any AuthorizationStrategy method. > This happens for every page! > > This sounds strange to me, and to you? I expect > isInstantiationAuthorized to be called before... > > -- > Daniele Dellafiore > http://blog.ildella.net > http://twitter.com/ildella > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org > For additional commands, e-mail: users-h...@wicket.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
