Examples with IPackageResourceGuard org.apache.wicket.markup.html.IPackageResourceGuard used on opensource projects

Example 1 with IPackageResourceGuard

use of org.apache.wicket.markup.html.IPackageResourceGuard in project wicket by apache.

the class VideosApplication method init.

@Override
protected void init() {
    IPackageResourceGuard packageResourceGuard = getResourceSettings().getPackageResourceGuard();
    if (packageResourceGuard instanceof SecurePackageResourceGuard) {
        SecurePackageResourceGuard guard = (SecurePackageResourceGuard) packageResourceGuard;
        guard.addPattern("+*.mp4");
    }
}

Example 2 with IPackageResourceGuard

use of org.apache.wicket.markup.html.IPackageResourceGuard in project ocvn by devgateway.

the class FormsWebApplication method init.

/**
 * <ul>
 * <li>making the wicket components injectable by activating the
 * SpringComponentInjector</li>
 * <li>mounting the test page</li>
 * <li>logging spring service method output to showcase working integration
 * </li>
 * </ul>
 */
@Override
protected void init() {
    super.init();
    // add allowed woff2 extension
    IPackageResourceGuard packageResourceGuard = getResourceSettings().getPackageResourceGuard();
    if (packageResourceGuard instanceof SecurePackageResourceGuard) {
        SecurePackageResourceGuard guard = (SecurePackageResourceGuard) packageResourceGuard;
        guard.addPattern("+*.woff2");
        guard.addPattern("+*.xlsx");
    }
    // this ensures that spring DI works for wicket components and pages
    // see @SpringBean annotation
    getComponentInstantiationListeners().add(new SpringComponentInjector(this, applicationContext));
    // this will scan packages for pages with @MountPath annotations and automatically create URLs for them
    new AnnotatedMountScanner().scanPackage(BASE_PACKAGE_FOR_PAGES).mount(this);
    getApplicationSettings().setUploadProgressUpdatesEnabled(true);
    getApplicationSettings().setAccessDeniedPage(Homepage.class);
    // deactivate ajax debug mode
    // getDebugSettings().setAjaxDebugModeEnabled(false);
    configureBootstrap();
    configureSummernote();
    optimizeForWebPerformance();
    // http://.../wicket/internal/debug/diskDataStore
    if (usesDevelopmentConfig()) {
        DebugDiskDataStore.register(this);
    }
    SessionFinderHolder.setSessionFinder(sessionFinderService);
}

Example 3 with IPackageResourceGuard

use of org.apache.wicket.markup.html.IPackageResourceGuard in project hale by halestudio.

the class BaseWebApplication method init.

@Override
public void init() {
    super.init();
    BootstrapSettings settings = new BootstrapSettings();
    final ThemeProvider themeProvider = new BootswatchThemeProvider() {

        {
            add(new MetroTheme());
            add(new GoogleTheme());
            add(new WicketTheme());
            add(new Bootstrap3Theme());
            defaultTheme("bootstrap-responsive");
        // defaultTheme("bootstrap");
        }
    };
    settings.setThemeProvider(themeProvider);
    Bootstrap.install(this, settings);
    BootstrapLess.install(this);
    configureResourceBundles();
    IPackageResourceGuard packageResourceGuard = getResourceSettings().getPackageResourceGuard();
    if (packageResourceGuard instanceof SecurePackageResourceGuard) {
        SecurePackageResourceGuard guard = (SecurePackageResourceGuard) packageResourceGuard;
        guard.addPattern("+org/apache/wicket/resource/jquery/*.map");
    }
    // enforce mounts so security interceptors based on URLs can't be fooled
    getSecuritySettings().setEnforceMounts(true);
    getSecuritySettings().setAuthorizationStrategy(new SimplePageAuthorizationStrategy(SecuredPage.class, getLoginPageClass()) {

        @Override
        protected boolean isAuthorized() {
            SecurityContext securityContext = SecurityContextHolder.getContext();
            if (securityContext != null) {
                Authentication authentication = securityContext.getAuthentication();
                if (authentication != null && authentication.isAuthenticated()) {
                    for (GrantedAuthority authority : authentication.getAuthorities()) {
                        if (authority.getAuthority().equals(UserConstants.ROLE_USER) || authority.getAuthority().equals(UserConstants.ROLE_ADMIN)) {
                            // allow access only for users/admins
                            return true;
                        }
                    }
                }
            }
            return false;
        }
    });
    getComponentInstantiationListeners().add(new SpringComponentInjector(this));
    getRequestCycleListeners().add(new AbstractRequestCycleListener() {

        @Override
        public IRequestHandler onException(RequestCycle cycle, Exception ex) {
            return new RenderPageRequestHandler(new PageProvider(new ExceptionPage(ex)));
        }
    });
    // add login page to every application based on this one (if enabled)
    Class<? extends BasePage> loginClass = getLoginPageClass();
    if (loginClass != null) {
        // login page
        mountPage("/login", loginClass);
        // user settings
        mountPage("/settings", UserSettingsPage.class);
        // about
        mountPage("/about", AboutPage.class);
        // contact
        mountPage("/contact", ContactPage.class);
        if (OpenIdLoginPage.class.equals(loginClass)) {
            // for OpenID auth also add page for new users
            mountPage("/new", NewUserPage.class);
        }
    }
}

Example 4 with IPackageResourceGuard

use of org.apache.wicket.markup.html.IPackageResourceGuard in project oc-explorer by devgateway.

the class FormsWebApplication method init.

/**
 * <ul>
 * <li>making the wicket components injectable by activating the
 * SpringComponentInjector</li>
 * <li>mounting the test page</li>
 * <li>logging spring service method output to showcase working integration
 * </li>
 * </ul>
 */
@Override
protected void init() {
    super.init();
    // add allowed woff2 extension
    IPackageResourceGuard packageResourceGuard = getResourceSettings().getPackageResourceGuard();
    if (packageResourceGuard instanceof SecurePackageResourceGuard) {
        SecurePackageResourceGuard guard = (SecurePackageResourceGuard) packageResourceGuard;
        guard.addPattern("+*.woff2");
        guard.addPattern("+*.xlsx");
    }
    // this ensures that spring DI works for wicket components and pages
    // see @SpringBean annotation
    getComponentInstantiationListeners().add(new SpringComponentInjector(this, applicationContext));
    // this will scan packages for pages with @MountPath annotations and automatically create URLs for them
    new AnnotatedMountScanner().scanPackage(BASE_PACKAGE_FOR_PAGES).mount(this);
    getApplicationSettings().setUploadProgressUpdatesEnabled(true);
    getApplicationSettings().setAccessDeniedPage(Homepage.class);
    // deactivate ajax debug mode
    // getDebugSettings().setAjaxDebugModeEnabled(false);
    configureBootstrap();
    configureSummernote();
    optimizeForWebPerformance();
    // http://.../wicket/internal/debug/diskDataStore
    if (usesDevelopmentConfig()) {
        DebugDiskDataStore.register(this);
    }
    SessionFinderHolder.setSessionFinder(sessionFinderService);
}

Example 5 with IPackageResourceGuard

use of org.apache.wicket.markup.html.IPackageResourceGuard in project wicket by apache.

the class MediaComponentsApplication method init.

@Override
protected void init() {
    super.init();
    getResourceSettings().setCachingStrategy(NoOpResourceCachingStrategy.INSTANCE);
    IPackageResourceGuard packageResourceGuard = org.apache.wicket.Application.get().getResourceSettings().getPackageResourceGuard();
    if (packageResourceGuard instanceof SecurePackageResourceGuard) {
        SecurePackageResourceGuard securePackageResourceGuard = (SecurePackageResourceGuard) packageResourceGuard;
        securePackageResourceGuard.addPattern("+*.vtt");
        securePackageResourceGuard.addPattern("+*.srt");
        securePackageResourceGuard.addPattern("+*.mp3");
        securePackageResourceGuard.addPattern("+*.m4a");
    }
}