org.apache.wicket.authroles.authentication

Class AuthenticatedWebApplication

java.lang.Object

org.apache.wicket.Application

org.apache.wicket.protocol.http.WebApplication

org.apache.wicket.authroles.authentication.AuthenticatedWebApplication

All Implemented Interfaces:

IUnauthorizedComponentInstantiationListener, IRoleCheckingStrategy, IEventSink, ISessionStore.UnboundListener

public abstract class AuthenticatedWebApplication
extends WebApplication
implements IRoleCheckingStrategy, IUnauthorizedComponentInstantiationListener

A web application subclass that does role-based authentication.

Author:

Jonathan Locke

Field Summary

Fields inherited from class org.apache.wicket.protocol.http.WebApplication

META_INF_RESOURCES

Fields inherited from class org.apache.wicket.Application

CONFIGURATION

Constructor Summary

Constructors

Constructor and Description
AuthenticatedWebApplication() Constructor

Method Summary

Methods

Modifier and Type	Method and Description
protected abstract Class<? extends WebPage>	getSignInPageClass()
protected abstract Class<? extends AbstractAuthenticatedWebSession>	getWebSessionClass()
boolean	hasAnyRole(Roles roles) Whether any of the given roles matches.
protected void	init()
Session	newSession(org.apache.wicket.request.Request request, org.apache.wicket.request.Response response)
void	onUnauthorizedInstantiation(Component component)
protected void	onUnauthorizedPage(Page page) Called when an AUTHENTICATED user tries to navigate to a page that they are not authorized to access.
void	restartResponseAtSignInPage() Restarts response at sign in page.

Methods inherited from class org.apache.wicket.protocol.http.WebApplication

addResourceReplacement, addResourceReplacement, get, getAjaxRequestTargetListeners, getAjaxRequestTargetProvider, getAndRemoveBufferedResponse, getApplicationKey, getConfigurationType, getFilterFactoryManager, getInitParameter, getMimeType, getServletContext, getSessionAttributePrefix, getWicketFilter, hasBufferedResponse, hasFilterFactoryManager, internalDestroy, internalInit, logEventTarget, logResponseTarget, mount, mountPackage, mountPage, mountResource, newAjaxRequestTarget, newWebRequest, newWebResponse, outputDevelopmentModeWarning, renderXmlDecl, sessionUnbound, setAjaxRequestTargetProvider, setConfigurationType, setServletContext, setWicketFilter, storeBufferedResponse, unmount

Methods inherited from class org.apache.wicket.Application

configure, createRequestCycle, decorateHeaderResponse, exists, fetchCreateAndSetSession, get, getApplicationKeys, getApplicationListeners, getApplicationSettings, getBehaviorInstantiationListeners, getComponentInitializationListeners, getComponentInstantiationListeners, getComponentOnAfterRenderListeners, getComponentPostOnBeforeRenderListeners, getComponentPreOnBeforeRenderListeners, getConverterLocator, getDebugSettings, getExceptionMapperProvider, getExceptionSettings, getFrameworkSettings, getHeaderContributorListenerCollection, getHomePage, getInitializers, getJavaScriptLibrarySettings, getMapperContext, getMarkupSettings, getMetaData, getName, getPageFactory, getPageManagerContext, getPageManagerProvider, getPageRendererProvider, getPageSettings, getRequestCycleListeners, getRequestCycleProvider, getRequestCycleSettings, getRequestLogger, getRequestLoggerSettings, getResourceBundles, getResourceReferenceRegistry, getResourceSettings, getRootRequestMapper, getRootRequestMapperAsCompound, getSecuritySettings, getSessionListeners, getSessionStore, getSessionStoreProvider, getSharedResources, getStoreSettings, initApplication, initializeComponents, newConverterLocator, newMapperContext, newPageFactory, newRequestLogger, newResourceBundles, newResourceReferenceRegistry, newSharedResources, onDestroy, onEvent, setApplicationSettings, setDebugSettings, setExceptionSettings, setFrameworkSettings, setHeaderResponseDecorator, setJavaScriptLibrarySettings, setMarkupSettings, setMetaData, setName, setPageManagerProvider, setPageRendererProvider, setPageSettings, setRequestCycleProvider, setRequestCycleSettings, setRequestLoggerSettings, setResourceSettings, setRootRequestMapper, setSecuritySettings, setSessionStoreProvider, setStoreSettings, usesDeploymentConfig, usesDevelopmentConfig, validateInit

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AuthenticatedWebApplication

public AuthenticatedWebApplication()

Constructor

Method Detail

init

protected void init()

Overrides:

init in class WebApplication

See Also:

WebApplication.init()

hasAnyRole

public final boolean hasAnyRole(Roles roles)

Description copied from interface: IRoleCheckingStrategy

Whether any of the given roles matches. For example, if a user has role USER and the provided roles are {USER, ADMIN} this method should return true as the user has at least one of the roles that were provided.

Specified by:

hasAnyRole in interface IRoleCheckingStrategy

Parameters:

roles - the roles

Returns:

true if a user or whatever subject this implementation wants to work with has at least on of the provided roles

See Also:

IRoleCheckingStrategy.hasAnyRole(Roles)

onUnauthorizedInstantiation

public final void onUnauthorizedInstantiation(Component component)

Specified by:

onUnauthorizedInstantiation in interface IUnauthorizedComponentInstantiationListener

See Also:

IUnauthorizedComponentInstantiationListener.onUnauthorizedInstantiation(Component)

restartResponseAtSignInPage

public void restartResponseAtSignInPage()

Restarts response at sign in page. NOTE: this method internally throws a restart response exception, so no code after a call to this method will be executed

newSession

public Session newSession(org.apache.wicket.request.Request request,
                 org.apache.wicket.request.Response response)

Overrides:

newSession in class WebApplication

getWebSessionClass

protected abstract Class<? extends AbstractAuthenticatedWebSession> getWebSessionClass()

Returns:

BaseAuthenticatedWebSession subclass to use in this authenticated web application.

getSignInPageClass

protected abstract Class<? extends WebPage> getSignInPageClass()

Returns:

Subclass of sign-in page

onUnauthorizedPage

protected void onUnauthorizedPage(Page page)

Called when an AUTHENTICATED user tries to navigate to a page that they are not authorized to access. You might want to override this to navigate to some explanatory page or to the application's home page.

Parameters:

page - The page