Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.wicket.authorization.strategies.role.annotations
Class AnnotationsRoleAuthorizationStrategy

java.lang.Object
  extended by org.apache.wicket.authorization.strategies.role.AbstractRoleAuthorizationStrategy
      extended by org.apache.wicket.authorization.strategies.role.annotations.AnnotationsRoleAuthorizationStrategy
All Implemented Interfaces:
IAuthorizationStrategy
public class AnnotationsRoleAuthorizationStrategy
extends AbstractRoleAuthorizationStrategy

Strategy that checks the AuthorizeInstantiation annotation.

Author:
Eelco Hillenius

Field Summary
 
Fields inherited from interface org.apache.wicket.authorization.IAuthorizationStrategy
ALLOW_ALL
 
Constructor Summary
AnnotationsRoleAuthorizationStrategy(IRoleCheckingStrategy roleCheckingStrategy)
          Construct.
 
Method Summary
 boolean isActionAuthorized(Component component, Action action)
          Gets whether the given action is permitted.
 boolean isInstantiationAuthorized(java.lang.Class componentClass)
          Checks whether an instance of the given component class may be created.
 
Methods inherited from class org.apache.wicket.authorization.strategies.role.AbstractRoleAuthorizationStrategy
hasAny, isEmpty
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AnnotationsRoleAuthorizationStrategy

public AnnotationsRoleAuthorizationStrategy(IRoleCheckingStrategy roleCheckingStrategy)
Construct.

Parameters:
roleCheckingStrategy - the authorizer delegate
Method Detail

isInstantiationAuthorized

public boolean isInstantiationAuthorized(java.lang.Class componentClass)
Description copied from interface: IAuthorizationStrategy
Checks whether an instance of the given component class may be created. If this method returns false, the IUnauthorizedComponentInstantiationListener that is configured in the security settings will be called. The default implementation of that listener throws a UnauthorizedInstantiationException.

If you wish to implement a strategy that authenticates users which cannot access a given Page (or other Component), you can simply throw a RestartResponseAtInterceptPageException in your implementation of this method.

Parameters:
componentClass - The component class to check
Returns:
Whether the given component may be created
See Also:
IAuthorizationStrategy.isInstantiationAuthorized(java.lang.Class)

isActionAuthorized

public boolean isActionAuthorized(Component component,
                                  Action action)
Description copied from interface: IAuthorizationStrategy
Gets whether the given action is permitted. If it is, this method should return true. If it isn't, this method should either return false or - in case of a serious breach - throw a security exception. Returning is generally preferable over throwing an exception as that doesn't break the normal flow.

Parameters:
component - The component to be acted upon
action - The action to authorize on the component
Returns:
Whether the given action may be taken on the given component
See Also:
IAuthorizationStrategy.isActionAuthorized(org.apache.wicket.Component, org.apache.wicket.authorization.Action)
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2004-2010 Apache Software Foundation. All Rights Reserved.