Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

wicket.authorization.strategies.page
Class SimplePageAuthorizationStrategy

java.lang.Object
  extended by wicket.authorization.strategies.page.AbstractPageAuthorizationStrategy
      extended by wicket.authorization.strategies.page.SimplePageAuthorizationStrategy
All Implemented Interfaces:
IAuthorizationStrategy
public abstract class SimplePageAuthorizationStrategy
extends AbstractPageAuthorizationStrategy

A very simple authorization strategy that takes a supertype (a base class or tagging interface) and performs a simple authorization check by calling the abstract method isAuthorized() whenever a Page class that extends or implements the supertype is about to be instantiated. If that method returns true, page instantiation proceeds normally. If it returns false, the user is automatically directed to the specified sign-in page for authentication, which will presumably allow authorization to succeed once they have signed in.

In your Application.init() method do something like the following: 

 SimplePageAuthorizationStrategy authorizationStrategy = new SimplePageAuthorizationStrategy(
                MySecureWebPage.class, MySignInPage.class)
 {
     protected boolean isAuthorized()
           {
                   // Authorize access based on user authentication in the session
                   return (((MySession)Session.get()).isSignedIn());
           }
 };
 
 getSecuritySettings().setAuthorizationStrategy(authorizationStrategy);

Author:
Eelco Hillenius, Jonathan Locke

Field Summary
 
Fields inherited from interface wicket.authorization.IAuthorizationStrategy
ALLOW_ALL
 
Constructor Summary
SimplePageAuthorizationStrategy(java.lang.Class securePageSuperType, java.lang.Class signInPageClass)
          Construct.
 
Method Summary
protected abstract  boolean isAuthorized()
          Gets whether the current user/session is authorized to instantiate a page class which extends or implements the supertype (base class or tagging interface) passed to the constructor.
protected  boolean isPageAuthorized(java.lang.Class pageClass)
          Whether to page may be created.
 
Methods inherited from class wicket.authorization.strategies.page.AbstractPageAuthorizationStrategy
instanceOf, isActionAuthorized, isInstantiationAuthorized
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

SimplePageAuthorizationStrategy

public SimplePageAuthorizationStrategy(java.lang.Class securePageSuperType,
                                       java.lang.Class signInPageClass)
Construct.

Parameters:
securePageSuperType - The class or interface supertype that indicates that a given Page requires authorization
signInPageClass - The sign in page class
Method Detail

isPageAuthorized

protected boolean isPageAuthorized(java.lang.Class pageClass)
Description copied from class: AbstractPageAuthorizationStrategy
Whether to page may be created. Returns true by default.

Overrides:
isPageAuthorized in class AbstractPageAuthorizationStrategy
Parameters:
pageClass - The Page class
Returns:
True if to page may be created
See Also:
AbstractPageAuthorizationStrategy.isPageAuthorized(java.lang.Class)

isAuthorized

protected abstract boolean isAuthorized()
Gets whether the current user/session is authorized to instantiate a page class which extends or implements the supertype (base class or tagging interface) passed to the constructor.

Returns:
True if the instantiation should be allowed to proceed. False, if the user should be directed to the application's sign-in page.
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2007 Wicket developers. All Rights Reserved.