Re: [Wicket-user] Integrating security frameworks for declaritive authorization

Sat, 11 Feb 2006 20:30:15 -0800 

Eelco Hillenius wrote:


Sounds nice!

Thanks for the rapid response.


The first thing you should look at is the interface
IAuthorizationStrategy. Then, look at wicket-auth-roles and
wicket-auth-roles-examples. 
This is a basic example implementation,
based on annotations and the metadata facility we've silently had in
Wicket for some time. They are actually two seperate implementations,
but for now they are in one project. Looking at that should give you a
fair idea how you can implement an implementation for guardian. It
shouldn't be too difficult I hope, but for questions there's the dev
and user lists and ##wicket on irc.freenode.net.
Thanks I appreciate it. I think you've given me enough to go on. Regardless you'll be hearing from me. 


If you are thinking about starting up a project for it, you might
consider putting it in wicket-stuff. Please send me an email directly
if you are interested in that.
Sure. I would be interested in doing this but I think we'll need to ASL Guardian. I'll get back to you directly about this after discussing it with a few people. 

Regards,
Alex



On 2/11/06, Alex Karasulu <[EMAIL PROTECTED]> wrote:

Hi folks,

Timothy Bennett and I have been thinking about how to hook Guardian
(http://guardian.safehaus.org), a simple authorization API into Wicket
so we can *declaratively* control the visibility of components on
pages.  More complex interactions though where you alert the user about
their lack of permissions where appropriate is another issue.

We specifically want to add a small piece of generic code which is not
application specific (like a plugin) to enable or disable components
based on permissions.  For example we could use the id of a component as
the name/label of a permission so the generic code can enable or disable
the component.  However interacting with the user is another concern as
I mentioned above.  Is there some best practice for adding such
functionality?

Do you have any advice on how we might approach this endeavor?

BTW, yes, the recent discussions regarding security frameworks has
triggered this question :).

Thanks,
Alex



-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
Wicket-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/wicket-user




-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=k&kid3432&bid#0486&dat1642
_______________________________________________
Wicket-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/wicket-user





-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
Wicket-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/wicket-user

Reply via email to