org.apache.wicket.authentication
Class AuthenticatedWebApplication

java.lang.Object
  extended by org.apache.wicket.Application
      extended by org.apache.wicket.protocol.http.WebApplication
          extended by org.apache.wicket.authentication.AuthenticatedWebApplication
All Implemented Interfaces:
IUnauthorizedComponentInstantiationListener, IRoleCheckingStrategy
Direct Known Subclasses:
MyAuthenticatedWebApplication

public abstract class AuthenticatedWebApplication
extends WebApplication
implements IRoleCheckingStrategy, IUnauthorizedComponentInstantiationListener

A web application subclass that does role-based authentication.

Author:
Jonathan Locke

Field Summary
 
Fields inherited from class org.apache.wicket.Application
CONFIGURATION, CONTEXTPATH, DEPLOYMENT, DEVELOPMENT
 
Constructor Summary
AuthenticatedWebApplication()
          Constructor
 
Method Summary
protected abstract  Class<? extends WebPage> getSignInPageClass()
           
protected abstract  Class<? extends AuthenticatedWebSession> getWebSessionClass()
           
 boolean hasAnyRole(Roles roles)
          Whether any of the given roles matches.
protected  void init()
          Initialize; if you need the wicket servlet for initialization, e.g.
 Session newSession(Request request, Response response)
          Creates a new session.
 void onUnauthorizedInstantiation(Component component)
          Called when an unauthorized component instantiation is about to take place (but before it happens).
protected  void onUnauthorizedPage(Page page)
          Called when an AUTHENTICATED user tries to navigate to a page that they are not authorized to access.
 
Methods inherited from class org.apache.wicket.protocol.http.WebApplication
addIgnoreMountPath, get, getApplicationKey, getConfigurationType, getDefaultRequestCycleFactory, getInitParameter, getRequestCycleProcessor, getResourceFinder, getServletContext, getSessionAttributePrefix, getSessionAttributePrefix, getWicketFilter, internalDestroy, internalInit, logEventTarget, logResponseTarget, mount, mount, mountBookmarkablePage, mountBookmarkablePage, mountSharedResource, newAjaxRequestTarget, newRequestCycle, newRequestCycleProcessor, newSession, newSession, newSessionStore, newWebRequest, newWebResponse, outputDevelopmentModeWarning, sessionDestroyed, setApplicationKey, setWicketFilter, unmount
 
Methods inherited from class org.apache.wicket.Application
addComponentInitializationListener, addComponentInstantiationListener, addComponentOnAfterRenderListener, addPostComponentOnBeforeRenderListener, addPreComponentOnBeforeRenderListener, addRenderHeadListener, configure, decorateHeaderResponse, destroy, exists, fireComponentInitializationListeners, get, getApplicationKeys, getApplicationSettings, getConverterLocator, getDebugSettings, getExceptionSettings, getFrameworkSettings, getHomePage, getMarkupCache, getMarkupSettings, getMetaData, getName, getPageSettings, getRequestCycleFactory, getRequestCycleSettings, getRequestLogger, getRequestLoggerSettings, getResourceSettings, getSecuritySettings, getSessionFactory, getSessionSettings, getSessionStore, getSharedResources, initializeComponents, newConverterLocator, newRequestCycle, newRequestLogger, notifyRenderHeadListener, onDestroy, removeComponentInstantiationListener, removeComponentOnAfterRenderListener, removePostComponentOnBeforeRenderListener, removePreComponentOnBeforeRenderListener, removeRenderHeadListener, set, setHeaderResponseDecorator, setMetaData, unset
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AuthenticatedWebApplication

public AuthenticatedWebApplication()
Constructor

Method Detail

init

protected void init()
Description copied from class: WebApplication
Initialize; if you need the wicket servlet for initialization, e.g. because you want to read an initParameter from web.xml or you want to read a resource from the servlet's context path, you can override this method and provide custom initialization. This method is called right after this application class is constructed, and the wicket servlet is set. Use this method for any application setup instead of the constructor.

Overrides:
init in class WebApplication

hasAnyRole

public final boolean hasAnyRole(Roles roles)
Description copied from interface: IRoleCheckingStrategy
Whether any of the given roles matches. For example, if a user has role USER and the provided roles are {USER, ADMIN} this method should return true as the user has at least one of the roles that were provided.

Specified by:
hasAnyRole in interface IRoleCheckingStrategy
Parameters:
roles - the roles
Returns:
true if a user or whatever subject this implementation wants to work with has at least on of the provided roles
See Also:
IRoleCheckingStrategy.hasAnyRole(Roles)

onUnauthorizedInstantiation

public final void onUnauthorizedInstantiation(Component component)
Description copied from interface: IUnauthorizedComponentInstantiationListener
Called when an unauthorized component instantiation is about to take place (but before it happens).

Specified by:
onUnauthorizedInstantiation in interface IUnauthorizedComponentInstantiationListener
Parameters:
component - The partially constructed component (only the id is guaranteed to be valid).
See Also:
IUnauthorizedComponentInstantiationListener.onUnauthorizedInstantiation(Component)

newSession

public Session newSession(Request request,
                          Response response)
Description copied from class: Application
Creates a new session. Override this method if you want to provide a custom session.

Overrides:
newSession in class WebApplication
Parameters:
request - The request that will create this session.
response - The response to initialize, for example with cookies. This is important to use cases involving unit testing because those use cases might want to be able to sign a user in automatically when the session is created.
Returns:
The session
See Also:
WebApplication.newSession(org.apache.wicket.Request, org.apache.wicket.Response)

getWebSessionClass

protected abstract Class<? extends AuthenticatedWebSession> getWebSessionClass()
Returns:
AuthenticatedWebSession subclass to use in this authenticated web application.

getSignInPageClass

protected abstract Class<? extends WebPage> getSignInPageClass()
Returns:
Subclass of sign-in page

onUnauthorizedPage

protected void onUnauthorizedPage(Page page)
Called when an AUTHENTICATED user tries to navigate to a page that they are not authorized to access. You might want to override this to navigate to some explanatory page or to the application's home page.

Parameters:
page - The page


Copyright © 2004-2011 Apache Software Foundation. All Rights Reserved.