Search in sources :

Example 1 with IPackageResourceGuard

use of org.apache.wicket.markup.html.IPackageResourceGuard in project wicket by apache.

the class VideosApplication method init.

@Override
protected void init() {
    IPackageResourceGuard packageResourceGuard = getResourceSettings().getPackageResourceGuard();
    if (packageResourceGuard instanceof SecurePackageResourceGuard) {
        SecurePackageResourceGuard guard = (SecurePackageResourceGuard) packageResourceGuard;
        guard.addPattern("+*.mp4");
    }
}
Also used : IPackageResourceGuard(org.apache.wicket.markup.html.IPackageResourceGuard) SecurePackageResourceGuard(org.apache.wicket.markup.html.SecurePackageResourceGuard)

Example 2 with IPackageResourceGuard

use of org.apache.wicket.markup.html.IPackageResourceGuard in project ocvn by devgateway.

the class FormsWebApplication method init.

/**
 * <ul>
 * <li>making the wicket components injectable by activating the
 * SpringComponentInjector</li>
 * <li>mounting the test page</li>
 * <li>logging spring service method output to showcase working integration
 * </li>
 * </ul>
 */
@Override
protected void init() {
    super.init();
    // add allowed woff2 extension
    IPackageResourceGuard packageResourceGuard = getResourceSettings().getPackageResourceGuard();
    if (packageResourceGuard instanceof SecurePackageResourceGuard) {
        SecurePackageResourceGuard guard = (SecurePackageResourceGuard) packageResourceGuard;
        guard.addPattern("+*.woff2");
        guard.addPattern("+*.xlsx");
    }
    // this ensures that spring DI works for wicket components and pages
    // see @SpringBean annotation
    getComponentInstantiationListeners().add(new SpringComponentInjector(this, applicationContext));
    // this will scan packages for pages with @MountPath annotations and automatically create URLs for them
    new AnnotatedMountScanner().scanPackage(BASE_PACKAGE_FOR_PAGES).mount(this);
    getApplicationSettings().setUploadProgressUpdatesEnabled(true);
    getApplicationSettings().setAccessDeniedPage(Homepage.class);
    // deactivate ajax debug mode
    // getDebugSettings().setAjaxDebugModeEnabled(false);
    configureBootstrap();
    configureSummernote();
    optimizeForWebPerformance();
    // http://.../wicket/internal/debug/diskDataStore
    if (usesDevelopmentConfig()) {
        DebugDiskDataStore.register(this);
    }
    SessionFinderHolder.setSessionFinder(sessionFinderService);
}
Also used : IPackageResourceGuard(org.apache.wicket.markup.html.IPackageResourceGuard) SecurePackageResourceGuard(org.apache.wicket.markup.html.SecurePackageResourceGuard) AnnotatedMountScanner(org.wicketstuff.annotation.scan.AnnotatedMountScanner) SpringComponentInjector(org.apache.wicket.spring.injection.annot.SpringComponentInjector)

Example 3 with IPackageResourceGuard

use of org.apache.wicket.markup.html.IPackageResourceGuard in project hale by halestudio.

the class BaseWebApplication method init.

@Override
public void init() {
    super.init();
    BootstrapSettings settings = new BootstrapSettings();
    final ThemeProvider themeProvider = new BootswatchThemeProvider() {

        {
            add(new MetroTheme());
            add(new GoogleTheme());
            add(new WicketTheme());
            add(new Bootstrap3Theme());
            defaultTheme("bootstrap-responsive");
        // defaultTheme("bootstrap");
        }
    };
    settings.setThemeProvider(themeProvider);
    Bootstrap.install(this, settings);
    BootstrapLess.install(this);
    configureResourceBundles();
    IPackageResourceGuard packageResourceGuard = getResourceSettings().getPackageResourceGuard();
    if (packageResourceGuard instanceof SecurePackageResourceGuard) {
        SecurePackageResourceGuard guard = (SecurePackageResourceGuard) packageResourceGuard;
        guard.addPattern("+org/apache/wicket/resource/jquery/*.map");
    }
    // enforce mounts so security interceptors based on URLs can't be fooled
    getSecuritySettings().setEnforceMounts(true);
    getSecuritySettings().setAuthorizationStrategy(new SimplePageAuthorizationStrategy(SecuredPage.class, getLoginPageClass()) {

        @Override
        protected boolean isAuthorized() {
            SecurityContext securityContext = SecurityContextHolder.getContext();
            if (securityContext != null) {
                Authentication authentication = securityContext.getAuthentication();
                if (authentication != null && authentication.isAuthenticated()) {
                    for (GrantedAuthority authority : authentication.getAuthorities()) {
                        if (authority.getAuthority().equals(UserConstants.ROLE_USER) || authority.getAuthority().equals(UserConstants.ROLE_ADMIN)) {
                            // allow access only for users/admins
                            return true;
                        }
                    }
                }
            }
            return false;
        }
    });
    getComponentInstantiationListeners().add(new SpringComponentInjector(this));
    getRequestCycleListeners().add(new AbstractRequestCycleListener() {

        @Override
        public IRequestHandler onException(RequestCycle cycle, Exception ex) {
            return new RenderPageRequestHandler(new PageProvider(new ExceptionPage(ex)));
        }
    });
    // add login page to every application based on this one (if enabled)
    Class<? extends BasePage> loginClass = getLoginPageClass();
    if (loginClass != null) {
        // login page
        mountPage("/login", loginClass);
        // user settings
        mountPage("/settings", UserSettingsPage.class);
        // about
        mountPage("/about", AboutPage.class);
        // contact
        mountPage("/contact", ContactPage.class);
        if (OpenIdLoginPage.class.equals(loginClass)) {
            // for OpenID auth also add page for new users
            mountPage("/new", NewUserPage.class);
        }
    }
}
Also used : WicketTheme(de.agilecoders.wicket.themes.markup.html.wicket.WicketTheme) IRequestHandler(org.apache.wicket.request.IRequestHandler) RenderPageRequestHandler(org.apache.wicket.core.request.handler.RenderPageRequestHandler) GoogleTheme(de.agilecoders.wicket.themes.markup.html.google.GoogleTheme) RequestCycle(org.apache.wicket.request.cycle.RequestCycle) GrantedAuthority(org.springframework.security.core.GrantedAuthority) SimplePageAuthorizationStrategy(org.apache.wicket.authorization.strategies.page.SimplePageAuthorizationStrategy) MetroTheme(de.agilecoders.wicket.themes.markup.html.metro.MetroTheme) Bootstrap3Theme(de.agilecoders.wicket.themes.markup.html.bootstrap3.Bootstrap3Theme) BootstrapSettings(de.agilecoders.wicket.core.settings.BootstrapSettings) IPackageResourceGuard(org.apache.wicket.markup.html.IPackageResourceGuard) SecurePackageResourceGuard(org.apache.wicket.markup.html.SecurePackageResourceGuard) Authentication(org.springframework.security.core.Authentication) PageProvider(org.apache.wicket.core.request.handler.PageProvider) AbstractRequestCycleListener(org.apache.wicket.request.cycle.AbstractRequestCycleListener) SecurityContext(org.springframework.security.core.context.SecurityContext) ExceptionPage(eu.esdihumboldt.hale.server.webapp.pages.ExceptionPage) SecuredPage(eu.esdihumboldt.hale.server.webapp.pages.SecuredPage) BootswatchThemeProvider(de.agilecoders.wicket.themes.settings.BootswatchThemeProvider) SpringComponentInjector(org.apache.wicket.spring.injection.annot.SpringComponentInjector) BootswatchThemeProvider(de.agilecoders.wicket.themes.settings.BootswatchThemeProvider) ThemeProvider(de.agilecoders.wicket.core.settings.ThemeProvider)

Example 4 with IPackageResourceGuard

use of org.apache.wicket.markup.html.IPackageResourceGuard in project oc-explorer by devgateway.

the class FormsWebApplication method init.

/**
 * <ul>
 * <li>making the wicket components injectable by activating the
 * SpringComponentInjector</li>
 * <li>mounting the test page</li>
 * <li>logging spring service method output to showcase working integration
 * </li>
 * </ul>
 */
@Override
protected void init() {
    super.init();
    // add allowed woff2 extension
    IPackageResourceGuard packageResourceGuard = getResourceSettings().getPackageResourceGuard();
    if (packageResourceGuard instanceof SecurePackageResourceGuard) {
        SecurePackageResourceGuard guard = (SecurePackageResourceGuard) packageResourceGuard;
        guard.addPattern("+*.woff2");
        guard.addPattern("+*.xlsx");
    }
    // this ensures that spring DI works for wicket components and pages
    // see @SpringBean annotation
    getComponentInstantiationListeners().add(new SpringComponentInjector(this, applicationContext));
    // this will scan packages for pages with @MountPath annotations and automatically create URLs for them
    new AnnotatedMountScanner().scanPackage(BASE_PACKAGE_FOR_PAGES).mount(this);
    getApplicationSettings().setUploadProgressUpdatesEnabled(true);
    getApplicationSettings().setAccessDeniedPage(Homepage.class);
    // deactivate ajax debug mode
    // getDebugSettings().setAjaxDebugModeEnabled(false);
    configureBootstrap();
    configureSummernote();
    optimizeForWebPerformance();
    // http://.../wicket/internal/debug/diskDataStore
    if (usesDevelopmentConfig()) {
        DebugDiskDataStore.register(this);
    }
    SessionFinderHolder.setSessionFinder(sessionFinderService);
}
Also used : IPackageResourceGuard(org.apache.wicket.markup.html.IPackageResourceGuard) SecurePackageResourceGuard(org.apache.wicket.markup.html.SecurePackageResourceGuard) AnnotatedMountScanner(org.wicketstuff.annotation.scan.AnnotatedMountScanner) SpringComponentInjector(org.apache.wicket.spring.injection.annot.SpringComponentInjector)

Example 5 with IPackageResourceGuard

use of org.apache.wicket.markup.html.IPackageResourceGuard in project wicket by apache.

the class MediaComponentsApplication method init.

@Override
protected void init() {
    super.init();
    getResourceSettings().setCachingStrategy(NoOpResourceCachingStrategy.INSTANCE);
    IPackageResourceGuard packageResourceGuard = org.apache.wicket.Application.get().getResourceSettings().getPackageResourceGuard();
    if (packageResourceGuard instanceof SecurePackageResourceGuard) {
        SecurePackageResourceGuard securePackageResourceGuard = (SecurePackageResourceGuard) packageResourceGuard;
        securePackageResourceGuard.addPattern("+*.vtt");
        securePackageResourceGuard.addPattern("+*.srt");
        securePackageResourceGuard.addPattern("+*.mp3");
        securePackageResourceGuard.addPattern("+*.m4a");
    }
}
Also used : IPackageResourceGuard(org.apache.wicket.markup.html.IPackageResourceGuard) SecurePackageResourceGuard(org.apache.wicket.markup.html.SecurePackageResourceGuard)

Aggregations

IPackageResourceGuard (org.apache.wicket.markup.html.IPackageResourceGuard)6 SecurePackageResourceGuard (org.apache.wicket.markup.html.SecurePackageResourceGuard)6 SpringComponentInjector (org.apache.wicket.spring.injection.annot.SpringComponentInjector)3 AnnotatedMountScanner (org.wicketstuff.annotation.scan.AnnotatedMountScanner)2 BootstrapSettings (de.agilecoders.wicket.core.settings.BootstrapSettings)1 ThemeProvider (de.agilecoders.wicket.core.settings.ThemeProvider)1 Bootstrap3Theme (de.agilecoders.wicket.themes.markup.html.bootstrap3.Bootstrap3Theme)1 GoogleTheme (de.agilecoders.wicket.themes.markup.html.google.GoogleTheme)1 MetroTheme (de.agilecoders.wicket.themes.markup.html.metro.MetroTheme)1 WicketTheme (de.agilecoders.wicket.themes.markup.html.wicket.WicketTheme)1 BootswatchThemeProvider (de.agilecoders.wicket.themes.settings.BootswatchThemeProvider)1 ExceptionPage (eu.esdihumboldt.hale.server.webapp.pages.ExceptionPage)1 SecuredPage (eu.esdihumboldt.hale.server.webapp.pages.SecuredPage)1 WicketRuntimeException (org.apache.wicket.WicketRuntimeException)1 SimplePageAuthorizationStrategy (org.apache.wicket.authorization.strategies.page.SimplePageAuthorizationStrategy)1 PageProvider (org.apache.wicket.core.request.handler.PageProvider)1 RenderPageRequestHandler (org.apache.wicket.core.request.handler.RenderPageRequestHandler)1 IRequestHandler (org.apache.wicket.request.IRequestHandler)1 AbstractRequestCycleListener (org.apache.wicket.request.cycle.AbstractRequestCycleListener)1 RequestCycle (org.apache.wicket.request.cycle.RequestCycle)1