use of org.apache.wicket.authorization.strategies.page.SimplePageAuthorizationStrategy in project hale by halestudio.
the class BaseWebApplication method init.
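/**
 * Initializes the web application.
 *
 * <p>In order, this installs the Bootstrap settings and themes, configures resource bundles,
 * adds an allow pattern for the jQuery source maps to the package resource guard, enforces
 * mounts, installs a page authorization strategy backed by the Spring Security context,
 * registers Spring component injection and an exception handler, and finally mounts the
 * login-related pages when a login page class is configured.
 */
@Override
public void init() {
    super.init();

    BootstrapSettings settings = new BootstrapSettings();
    final ThemeProvider themeProvider = new BootswatchThemeProvider() {
        {
            add(new MetroTheme());
            add(new GoogleTheme());
            add(new WicketTheme());
            add(new Bootstrap3Theme());
            defaultTheme("bootstrap-responsive");
            // defaultTheme("bootstrap");
        }
    };
    settings.setThemeProvider(themeProvider);
    Bootstrap.install(this, settings);
    BootstrapLess.install(this);
    configureResourceBundles();

    // Only the secure guard supports patterns; the leading '+' adds an allow rule, here
    // limited to the *.map files in Wicket's jQuery resource package.
    IPackageResourceGuard packageResourceGuard = getResourceSettings().getPackageResourceGuard();
    if (packageResourceGuard instanceof SecurePackageResourceGuard) {
        SecurePackageResourceGuard guard = (SecurePackageResourceGuard) packageResourceGuard;
        guard.addPattern("+org/apache/wicket/resource/jquery/*.map");
    }

    // enforce mounts so security interceptors based on URLs can't be fooled
    getSecuritySettings().setEnforceMounts(true);

    // NOTE(review): getLoginPageClass() is treated as possibly null further down in this
    // method, but is passed here unconditionally as the sign-in page. Confirm what the
    // strategy does on an unauthorized request when no login page is configured.
    getSecuritySettings().setAuthorizationStrategy(
            new SimplePageAuthorizationStrategy(SecuredPage.class, getLoginPageClass()) {
                /**
                 * Grants access only when the current Spring Security authentication is
                 * authenticated and carries the user or admin role. Every other case,
                 * including a missing context or authentication, is denied.
                 */
                @Override
                protected boolean isAuthorized() {
                    SecurityContext securityContext = SecurityContextHolder.getContext();
                    if (securityContext == null) {
                        return false;
                    }
                    Authentication authentication = securityContext.getAuthentication();
                    if (authentication == null || !authentication.isAuthenticated()) {
                        return false;
                    }
                    for (GrantedAuthority authority : authentication.getAuthorities()) {
                        // getAuthority() may return null for authorities that have no string
                        // form; skip those instead of failing the whole check with an NPE.
                        String role = authority.getAuthority();
                        if (role != null && (role.equals(UserConstants.ROLE_USER)
                                || role.equals(UserConstants.ROLE_ADMIN))) {
                            // allow access only for users/admins
                            return true;
                        }
                    }
                    return false;
                }
            });

    getComponentInstantiationListeners().add(new SpringComponentInjector(this));

    // NOTE(review): every exception raised in a request cycle is handed to ExceptionPage.
    // Confirm that page does not show stack traces or internal messages to end users in
    // production deployments.
    getRequestCycleListeners().add(new AbstractRequestCycleListener() {
        @Override
        public IRequestHandler onException(RequestCycle cycle, Exception ex) {
            return new RenderPageRequestHandler(new PageProvider(new ExceptionPage(ex)));
        }
    });

    // add login page to every application based on this one (if enabled)
    // NOTE(review): the strategy above protects SecuredPage; whether the pages mounted below
    // extend it is not visible here. Verify that /settings in particular requires a login.
    Class<? extends BasePage> loginClass = getLoginPageClass();
    if (loginClass != null) {
        // login page
        mountPage("/login", loginClass);
        // user settings
        mountPage("/settings", UserSettingsPage.class);
        // about
        mountPage("/about", AboutPage.class);
        // contact
        mountPage("/contact", ContactPage.class);
        if (OpenIdLoginPage.class.equals(loginClass)) {
            // for OpenID auth also add page for new users
            mountPage("/new", NewUserPage.class);
        }
    }
}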
use of org.apache.wicket.authorization.strategies.page.SimplePageAuthorizationStrategy in project wicket by apache.
the class Test method testRedirect.
/**
 * Checks that requesting a protected page renders the login page when the installed
 * authorization strategy denies every request.
 */
@org.junit.Test
public void testRedirect() {
    // Deny-all strategy: RedirectPage is the protected page type, LoginPage the sign-in page.
    final IAuthorizationStrategy denyAll =
            new SimplePageAuthorizationStrategy(RedirectPage.class, LoginPage.class) {
                @Override
                protected boolean isAuthorized() {
                    return false;
                }
            };
    tester.getApplication().getSecuritySettings().setAuthorizationStrategy(denyAll);

    // Requesting the protected page must end on the login page instead.
    tester.startPage(RedirectPage.class);
    tester.assertRenderedPage(LoginPage.class);
}
use of org.apache.wicket.authorization.strategies.page.SimplePageAuthorizationStrategy in project wicket by apache.
the class LibraryApplication method init.
/**
 * Configures resource and render settings, then installs a page authorization strategy
 * that applies to pages of type AuthenticatedWebPage and uses SignIn as the sign-in page.
 */
@Override
protected void init() {
    super.init();

    getResourceSettings().setThrowExceptionOnMissingResource(false);
    getRequestCycleSettings()
            .setRenderStrategy(RequestCycleSettings.RenderStrategy.REDIRECT_TO_RENDER);

    // Access to AuthenticatedWebPage subclasses is decided by the session's sign-in state.
    IAuthorizationStrategy signedInOnly =
            new SimplePageAuthorizationStrategy(AuthenticatedWebPage.class, SignIn.class) {
                @Override
                protected boolean isAuthorized() {
                    // The cast relies on the application creating LibrarySession sessions.
                    LibrarySession librarySession = (LibrarySession) Session.get();
                    return librarySession.isSignedIn();
                }
            };
    getSecuritySettings().setAuthorizationStrategy(signedInOnly);
}