we need to avoid confusing things. the instantiation of a page
component is also an authorization issue and is already covered by
IAuthorizationStrategy:
/**
* Checks whether an instance of the given component class may be
created.
* If this method returns false, a [EMAIL PROTECTED] AuthorizationException} is
thrown
* during construction.
*
* @param componentClass
* The component class to check
* @return Whether the given component may be created
*/
boolean authorizeInstantiation(Class componentClass);
if you try to instantiate a page that isn't allowed, you will get an
UnauthorizedInstantiationException thrown with the class in that exception.
SourceForge.net wrote:
Feature Requests item #1408679, was opened at 2006-01-18 01:46
Message generated for change (Tracker Item Submitted) made by Item Submitter
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=684978&aid=1408679&group_id=119783
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: core
Group: 1.2
Status: Open
Priority: 5
Submitted By: Igor Vaynberg (ivaynberg)
Assigned to: Nobody/Anonymous (nobody)
Summary: time for IAuthenticationStrategy
Initial Comment:
is it time we created an authentication strategy? we
have a pretty good authorization strategy so now we
need to fill the gap.
the only thing i can think off is a simple interface
like this
IAuthenticationStrategy {
boolean allowPageInstantiation(Clazz page);
}
dont know if this can really be called authentication
strategy since it really has no authentication-specific
methods in it... but we have to start somewhere
so it might look like this:
MyStrategy implements IAuthenticationStrategy {
boolean allowPageInstantiation(Clazz page) {
if (page instanceof LoginPage.class) {
return true;
} else if (page instanceof SecurePage) {
if (!session.isloggedin()) {
RequestCycle.get().setImmediateResponsePage(LoginPage.class);
}
return true;
}
}
i think that will cover most usecases and the impl can
be pluggable.
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=684978&aid=1408679&group_id=119783
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
Wicket-develop mailing list
Wicket-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/wicket-develop
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
Wicket-develop mailing list
Wicket-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/wicket-develop
