Hello, namesake! I've already done component authorization with the means wicket is supplied with. I'm looking only for login authentication using my JPA DB, which I don't believe is included in Wicket. There's a Wicket Security project that afaik is not stable yet, so I can't use it.
I need only to authenticate users when they attempt to login. Not just call something like this: User user = MyUtilities.getUserByCredentials(name, password); if (user == null) return false; else ...do further processing I want something more secure than this. Regards, Martin -----Original Message----- From: Martijn Dashorst [mailto:[email protected]] Sent: Wednesday, February 03, 2010 6:14 PM To: [email protected] Subject: Re: webapp authentication IMO two options come to mind: 1. you only need authentication: roll your own IAuthorizationStrategy that checks if your custom session has a username set 2. use wicket-auth-roles, giving you role based authorization (not-authorized, user and admin) There are enough examples available on the wiki, in wicket-examples and wicket in action (chapter 11) Martijn On Wed, Feb 3, 2010 at 4:25 PM, Martin Asenov <[email protected]> wrote: > Hello guys! > > I want to ask you which security frameworks you use when it comes to > authenticating users through JPA. > I relied on JSecurity/Shiro but I can't set it up. I'm looking for a simple > framework but secure enough (not looking for extraordinary security), which I > can set pretty easily with my database that holds my custom User objects. > > Please give me some suggestions. > > Thanks! > > Regards, > Martin > > -- Become a Wicket expert, learn from the best: http://wicketinaction.com Apache Wicket 1.4 increases type safety for web applications Get it now: http://www.apache.org/dyn/closer.cgi/wicket/1.4.4 --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
