Module org.apache.wicket.auth.roles

Package org.apache.wicket.authroles.authentication

Class AuthenticatedWebApplication

java.lang.Object

org.apache.wicket.Application

org.apache.wicket.protocol.http.WebApplication

org.apache.wicket.authroles.authentication.AuthenticatedWebApplication

All Implemented Interfaces:

IUnauthorizedComponentInstantiationListener, IRoleCheckingStrategy, IEventSink, IMetadataContext<Object,Application>, ISessionStore.UnboundListener

public abstract class AuthenticatedWebApplication
extends WebApplication
implements IRoleCheckingStrategy, IUnauthorizedComponentInstantiationListener

A web application subclass that does role-based authentication.

Author:

Jonathan Locke

Field Summary

Fields inherited from class org.apache.wicket.protocol.http.WebApplication

META_INF_RESOURCES

Fields inherited from class org.apache.wicket.Application

CONFIGURATION

Constructor Summary

Constructors

Constructor	Description
AuthenticatedWebApplication()

Method Summary

Modifier and Type	Method	Description
protected abstract Class<? extends WebPage>	getSignInPageClass()
protected abstract Class<? extends AbstractAuthenticatedWebSession>	getWebSessionClass()
final boolean	hasAnyRole(Roles roles)	Whether any of the given roles matches.
protected void	init()
Session	newSession(org.apache.wicket.request.Request request, org.apache.wicket.request.Response response)
final void	onUnauthorizedInstantiation(Component component)
protected void	onUnauthorizedPage(Component page)	Called when an AUTHENTICATED user tries to navigate to a page that they are not authorized to access.
void	restartResponseAtSignInPage()	Restarts response at sign in page.

Methods inherited from class org.apache.wicket.protocol.http.WebApplication

addResourceReplacement, addResourceReplacement, get, getAjaxRequestTargetListeners, getAjaxRequestTargetProvider, getAndRemoveBufferedResponse, getApplicationKey, getConfigurationType, getCspSettings, getFilterFactoryManager, getInitParameter, getMimeType, getServletContext, getSessionAttributePrefix, getWicketFilter, hasBufferedResponse, hasFilterFactoryManager, internalDestroy, internalInit, logEventTarget, logResponseTarget, mount, mountPackage, mountPage, mountResource, newAjaxRequestTarget, newWebRequest, newWebResponse, outputDevelopmentModeWarning, renderXmlDecl, sessionUnbound, setAjaxRequestTargetProvider, setConfigurationType, setCspSettings, setServletContext, setWicketFilter, storeBufferedResponse, unmount, validateInit

Methods inherited from class org.apache.wicket.Application

checkSettingsAvailable, configure, createRequestCycle, decorateHeaderResponse, exists, fetchCreateAndSetSession, get, getApplicationKeys, getApplicationListeners, getApplicationSettings, getBehaviorInstantiationListeners, getComponentInitializationListeners, getComponentInstantiationListeners, getComponentOnAfterRenderListeners, getComponentOnConfigureListeners, getComponentPostOnBeforeRenderListeners, getComponentPreOnBeforeRenderListeners, getConverterLocator, getDebugSettings, getExceptionMapperProvider, getExceptionSettings, getFrameworkSettings, getHeaderContributorListeners, getHeaderResponseDecorators, getHomePage, getInitializers, getJavaScriptLibrarySettings, getMapperContext, getMarkupSettings, getMetaData, getName, getOnComponentTagListeners, getPageFactory, getPageManagerProvider, getPageRendererProvider, getPageSettings, getRequestCycleListeners, getRequestCycleProvider, getRequestCycleSettings, getRequestLogger, getRequestLoggerSettings, getResourceBundles, getResourceReferenceRegistry, getResourceSettings, getRootRequestMapper, getRootRequestMapperAsCompound, getSecuritySettings, getSessionListeners, getSessionStore, getSessionStoreProvider, getSharedResources, getStoreSettings, initApplication, newConverterLocator, newMapperContext, newPageFactory, newRequestLogger, newResourceBundles, newResourceReferenceRegistry, newSharedResources, onDestroy, onEvent, setApplicationSettings, setDebugSettings, setExceptionMapperProvider, setExceptionSettings, setFrameworkSettings, setJavaScriptLibrarySettings, setMarkupSettings, setMetaData, setName, setPageManagerProvider, setPageRendererProvider, setPageSettings, setRequestCycleProvider, setRequestCycleSettings, setRequestLoggerSettings, setResourceSettings, setRootRequestMapper, setSecuritySettings, setSessionStoreProvider, setStoreSettings, usesDeploymentConfig, usesDevelopmentConfig

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

AuthenticatedWebApplication

public AuthenticatedWebApplication()

Method Details

init

protected void init()

Overrides:

init in class WebApplication

hasAnyRole

public final boolean hasAnyRole(Roles roles)

Description copied from interface: IRoleCheckingStrategy

Whether any of the given roles matches. For example, if a user has role USER and the provided roles are {USER, ADMIN} this method should return true as the user has at least one of the roles that were provided.

Specified by:

hasAnyRole in interface IRoleCheckingStrategy

Parameters:

roles - the roles

Returns:

true if a user or whatever subject this implementation wants to work with has at least on of the provided roles

onUnauthorizedInstantiation

public final void onUnauthorizedInstantiation(Component component)

Specified by:

onUnauthorizedInstantiation in interface IUnauthorizedComponentInstantiationListener

restartResponseAtSignInPage

public void restartResponseAtSignInPage()

Restarts response at sign in page. NOTE: this method internally throws a restart response exception, so no code after a call to this method will be executed

newSession

public Session newSession(org.apache.wicket.request.Request request,
 org.apache.wicket.request.Response response)

Overrides:

newSession in class WebApplication

getWebSessionClass

protected abstract Class<? extends AbstractAuthenticatedWebSession> getWebSessionClass()

Returns:

BaseAuthenticatedWebSession subclass to use in this authenticated web application.

getSignInPageClass

protected abstract Class<? extends WebPage> getSignInPageClass()

Returns:

Subclass of sign-in page

onUnauthorizedPage

protected void onUnauthorizedPage(Component page)

Called when an AUTHENTICATED user tries to navigate to a page that they are not authorized to access. You might want to override this to navigate to some explanatory page or to the application's home page.

Parameters:

page - The partially constructed page (only the component id is guaranteed to be valid).