IMO two options come to mind: 1. you only need authentication: roll your own IAuthorizationStrategy that checks if your custom session has a username set 2. use wicket-auth-roles, giving you role based authorization (not-authorized, user and admin)
There are enough examples available on the wiki, in wicket-examples and wicket in action (chapter 11) Martijn On Wed, Feb 3, 2010 at 4:25 PM, Martin Asenov <[email protected]> wrote: > Hello guys! > > I want to ask you which security frameworks you use when it comes to > authenticating users through JPA. > I relied on JSecurity/Shiro but I can't set it up. I'm looking for a simple > framework but secure enough (not looking for extraordinary security), which I > can set pretty easily with my database that holds my custom User objects. > > Please give me some suggestions. > > Thanks! > > Regards, > Martin > > -- Become a Wicket expert, learn from the best: http://wicketinaction.com Apache Wicket 1.4 increases type safety for web applications Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.4.4 --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
