Hi Martin/All I actually solved the problem late yesterday. The issue is around the way in which spring security can be configured. There had been a lot of changes between 3.1 and 4.2. Mainly around configuration, as I said earlier. It is now advised also to use the configuration in the Java Code. However there were a few defaults that don't get overridden in the java config but do automatically in the XML definition, the main part being the way in which error and login processing is handled. Spring Security will default to process the login for you if you don't configure it correctly, which is why the signin code was not get used.
Which meant that error's were being handle by the spring security form which is why I couldn't access them. I have now configured everything properly and the example project shows how it needs to be configured. Thanks David On 9 January 2017 at 19:22, Martin Grigorov <mgrigo...@apache.org> wrote: > Hi David, > > What exactly is hard ? > What kind of errors you mean? > > Martin Grigorov > Wicket Training and Consulting > https://twitter.com/mtgrigorov > > On Fri, Jan 6, 2017 at 7:38 PM, David Beer <david.m.b...@gmail.com> wrote: > > > Hi Martin > > > > Happy New Year. > > > > Thanks for this. I have managed to get Started and have a configuration > > which indeed allows authenticated user to a specifc page. I can login and > > logout and it cleans the session, however I am having a hard time getting > > and displaying errors. > > > > My demo project is located on github here > > https://github.com/dmbeer/wicket-7-spring-security/tree/master. I > wondered > > if could have a quick look and see if everything is correct and point me > in > > the right direction for obtaining the error messages. > > > > Thanks > > > > David > > > > On 31 December 2016 at 06:12, Martin Grigorov <martin.grigo...@gmail.com > > > > wrote: > > > > > Hi David, > > > > > > Latest Spring Security release is 4.1.4, there is no 7.x ;-) > > > > > > I cannot share my project but the integration is quite simple. > > > > > > 1) define the Spring config (with an impl of UserDetailsService!) > > > 2) in your login logic (MyAuthenticatedWebSession#signin() or > > > MyLoginForm#onSubmit()) use Spring AuthenticationService# > > authenticate(new > > > UsernamePasswordAuthenticationToken(username, password)) > > > 3) if 2) is successful then you can use > > > SecurityContextHolder.getContext().getUser() to get the User returned > by > > > your UserDetailsService with its authorities, i.e. roles. You can use > > them > > > in Wicket's RolesAuthorizationStrategy > > > 4) if 2) is not successful then Spring Security will throw very > specific > > > exception with the reason > > > > > > P.S. I am on my phone now, without access to the application code, so > > some > > > class/method names might be slightly wrong but I hope they are good > > enough > > > to get you going! > > > > > > Happy New Year! > > > > > > On Dec 30, 2016 8:23 PM, "David Beer" <david.m.b...@gmail.com> wrote: > > > > > > > Hi All > > > > > > > > I am trying to add spring security to wicket 7. I have looked at > > example > > > > thomberges did but that doesn't really seem to work. If I comment out > > the > > > > code in the SecureWebsession all still seems to authenticate somehow. > > > > > > > > Is there an up to date project anyone has of integrating spring > > security > > > > with apache wicket? It would be really useful if a basic project > could > > be > > > > shared. > > > > > > > > Thanks > > > > David > > > > > > > > Happy New Year All > > > > > > > > > >
