Re: [Wicket-develop] security check when invoking a listener method

[Johan Compagner]

I moved is authorized code from component resource request target to the DefaultRequestTargetResolverStrategy
So that it is on the same place as: component.isVisibleInHierachy() and component.isEnabled() checks
And it works for all interface request targets there are. (as it should be)
You should never be able to call a components method when it is not visible or not enabled or not authorized for enable.


johan

On 2/28/06, Maurice Marrink <[EMAIL PROTECTED]> wrote:

Currently the ComponentResourceRequestTarget.respond checks for the
ENABLE action on a request. I would like the same behaviour for
ListenerInterfaceRequestTarget.processEvents. I have subclassed the
ListenerInterfaceRequestTarget for this purpose only to find i have a
hard time getting wicket to accept this new class.
Besides this option Page.beforeCallComponent is also available to
enforce security.

My question is should wicket automaticly check for the ENABLE action
uppon invoking a listener method just like it is the case for
resourcerequests or should developpers handle this themself.
If the latter is the case which option is prevered: override
ListenerInterfaceRequestTarget.processEvents   or override
Page.beforeCallComponent?

Maurice


-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmdlnk&kid0944&bid$1720&dat1642
_______________________________________________
Wicket-develop mailing list
Wicket-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/wicket-develop