I don't like the idea of needing to subclass every component i want to
place security on, it should be possible out of the box. Besides this
still does not solve the fact that in the absence of a security check
the the render check also should be omitted imo.
Anyway i think my best bet is to place the check in the metadata as
you suggested.
thanks
2006/2/21, Igor Vaynberg <[EMAIL PROTECTED]>:
> i think there are a couple of ways you can do that. first you can use the
> metadata which allows for more generic implementations of security on
> component instance level as you mentioned.
>
> second if you really want to you can delegate back to the component. create
> a subclass of pagelink that implements the strategy and in the general
> strategy you can forward the security check back to the component.
>
> -Igor
>
>
>
> On 2/20/06, Maurice Marrink <[EMAIL PROTECTED]> wrote:
> >
> > Hi,
> >
> > I just started looking at IAuthorizationStrategy and the rest of the
> > security so i could have overlooked it but here is what i would like
> > to be able to do.
> > Specify a security check for each individual component to use (if
> > there is no check then don't bother). For instance i would like to
> > check all my pagelinks if they are allowed to go to there destination,
> > you might say that is easy take a strategy and put an if(component
> > instanceof PageLink){.......}. But on certain pages that same pagelink
> > class has to check for example if the user is an administrator, and so
> > there are several more exceptions to the default behaviour. As far as
> > i see it i have the following options:
> > 1 use the strategy and build a really big and elaborate series of if
> statements.
> > somehow this just doesn't seem right to me.
> > 2 the iactionauthorizer allows me to specify what to do for each
> > action. allowing me to create lots of actions like 'render A', 'render
> > B' and so on.
> > but i would like to use the same action over and over again and i
> > cannot override the default render action used for rendering.
> > 3 use the metadata facility in component to supply addiotional info i
> > can then use to check in the strategy.
> > i would still need to program a lot of if statements in the
> > strategy, see point 1.
> >
> > What i would like is the ability to set some sort of security check on
> > component (which has a similar interface as the strategy) and which
> > would allow me to do some extra stuff before going to the strategy. Or
> > just set the strategy on each individual component. The added
> > advantage of having a strategy per component is that if there is no
> > strategy apparently nothing needs checked.
> >
> > Or am i missing something and is what i want already there, or should
> > i do things differently.
> >
> > Maurice
> >
> >
> > -------------------------------------------------------
> > This SF.net email is sponsored by: Splunk Inc. Do you grep through log
> files
> > for problems? Stop! Download the new AJAX search engine that makes
> > searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
> >
> http://sel.as-us.falkag.net/sel?cmdlnk&kid�3432&bid#0486&dat�1642
> > _______________________________________________
> > Wicket-develop mailing list
> > Wicket-develop@lists.sourceforge.net
> >
> https://lists.sourceforge.net/lists/listinfo/wicket-develop
> >
>
>
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid�3432&bid#0486&dat�1642
_______________________________________________
Wicket-develop mailing list
Wicket-develop@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/wicket-develop
