Please do, yesterday i checked in some changes that should redirect you to the login page if you place secure components on a non secure page.
All the documentation and examples are still work in progress but you could check out the junit tests and the documentation here http://wicketstuff.org/confluence/display/STUFFWIKI/Getting+started+with+Swarm and here http://wicketstuff.org/confluence/display/STUFFWIKI/Wicket-Security Maurice On 6/3/07, mchack <[EMAIL PROTECTED]> wrote: > > The override of onUnauthorizedPage didn't work because the framework was > throwing the UnauthorizedInstantiationException because the page itself was > not secure, but the component was. I was able to handle this by overriding > the WebRequestCycle to handle exceptions explicitly as indicated in the > previous post: > > http://www.nabble.com/Exception-Strategy-in-1.3-tf3793570.html#a10790773 > > My reason for doing this is that I have a fairly generic bookmarkable page > (single class) that will serve up varied content (markup) depending upon the > URL. I also have a dynamic mechanism using resolve() to detect wicket:id's > that have behavior of my choosing. So, my motivation is that while the pages > themselves are not declared "secure", the HTML developer could inadvertantly > reference a secured component. Hence my desire to trap instantiation issues > at the component level and then do proper redirection to either the login > page or error page. > > While not a classic use of the framework, I think it has some merit. I will > also check out the WASP and SWARM projects. > > > > Eelco Hillenius wrote: > > > > Hi, > > > > On 6/3/07, Maurice Marrink <[EMAIL PROTECTED]> wrote: > >> Not sure if it is the preferred way of doing things (since this is > >> Eelco's framework) > > > > That part is actually Jonathan's > > > >> but you could override the init() method and set up > >> a different authorizationstrategy and or instantiationlistener, all > >> you have to do for that is skip the call to super and do something > >> similar yourself. > > > > Imho, that class is better viewed as an example. > > > >> Or you can ask Eelco nice and maybe he will remove the final :) > > > > I don't think that's needed though. How about overriding > > onUnauthorizedPage? As long as a user isn't logged in, the strategy > > will redirect to the page that is returned by getSignInPageClass. > > After that, onUnauthorizedPage is called when a user tries to access a > > page he/ she isn't authorized for. > > > > Eelco > > > > ------------------------------------------------------------------------- > > This SF.net email is sponsored by DB2 Express > > Download DB2 Express C - the FREE version of DB2 express and take > > control of your XML. No limits. Just data. Click to get it now. > > http://sourceforge.net/powerbar/db2/ > > _______________________________________________ > > Wicket-user mailing list > > Wicket-user@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/wicket-user > > > > > > -- > View this message in context: > http://www.nabble.com/AuthenticatedWebApplication---Component-Level-Authentication-tf3854757.html#a10939875 > Sent from the Wicket - User mailing list archive at Nabble.com. > > > ------------------------------------------------------------------------- > This SF.net email is sponsored by DB2 Express > Download DB2 Express C - the FREE version of DB2 express and take > control of your XML. No limits. Just data. Click to get it now. > http://sourceforge.net/powerbar/db2/ > _______________________________________________ > Wicket-user mailing list > Wicket-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wicket-user > ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
