Module org.apache.wicket.auth.roles
Class AuthenticatedWebApplication
java.lang.Object
org.apache.wicket.Application
org.apache.wicket.protocol.http.WebApplication
org.apache.wicket.authroles.authentication.AuthenticatedWebApplication
- All Implemented Interfaces:
IUnauthorizedComponentInstantiationListener
,IRoleCheckingStrategy
,IEventSink
,IMetadataContext<Object,
,Application> ISessionStore.UnboundListener
public abstract class AuthenticatedWebApplication
extends WebApplication
implements IRoleCheckingStrategy, IUnauthorizedComponentInstantiationListener
A web application subclass that does role-based authentication.
- Author:
- Jonathan Locke
-
Field Summary
Fields inherited from class org.apache.wicket.protocol.http.WebApplication
META_INF_RESOURCES
Fields inherited from class org.apache.wicket.Application
CONFIGURATION
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionprotected abstract Class<? extends AbstractAuthenticatedWebSession>
final boolean
hasAnyRole
(Roles roles) Whether any of the given roles matches.protected void
init()
Initialize; if you need the wicket servlet/filter for initialization, e.g. because you want to read an initParameter from web.xml or you want to read a resource from the servlet's context path, you can override this method and provide custom initialization.newSession
(Request request, Response response) Creates a new session.final void
onUnauthorizedInstantiation
(Component component) Called when an unauthorized component instantiation is about to take place (but before it happens).protected void
onUnauthorizedPage
(Component page) Called when an AUTHENTICATED user tries to navigate to a page that they are not authorized to access.void
Restarts response at sign in page.Methods inherited from class org.apache.wicket.protocol.http.WebApplication
addResourceReplacement, addResourceReplacement, get, getAjaxRequestTargetListeners, getAjaxRequestTargetProvider, getAndRemoveBufferedResponse, getApplicationKey, getConfigurationType, getCspSettings, getFilterFactoryManager, getInitParameter, getMimeType, getServletContext, getSessionAttributePrefix, getWicketFilter, hasBufferedResponse, hasFilterFactoryManager, internalDestroy, internalInit, logEventTarget, logResponseTarget, mount, mountPackage, mountPage, mountResource, newAjaxRequestTarget, newWebRequest, newWebResponse, outputDevelopmentModeWarning, renderXmlDecl, sessionUnbound, setAjaxRequestTargetProvider, setConfigurationType, setCspSettings, setServletContext, setWicketFilter, storeBufferedResponse, unmount, validateInit
Methods inherited from class org.apache.wicket.Application
checkSettingsAvailable, configure, createRequestCycle, decorateHeaderResponse, exists, fetchCreateAndSetSession, get, getApplicationKeys, getApplicationListeners, getApplicationSettings, getBehaviorInstantiationListeners, getComponentInitializationListeners, getComponentInstantiationListeners, getComponentOnAfterRenderListeners, getComponentOnConfigureListeners, getComponentPostOnBeforeRenderListeners, getComponentPreOnBeforeRenderListeners, getConverterLocator, getDebugSettings, getExceptionMapperProvider, getExceptionSettings, getFrameworkSettings, getHeaderContributorListeners, getHeaderResponseDecorators, getHomePage, getInitializers, getJavaScriptLibrarySettings, getMapperContext, getMarkupSettings, getMetaData, getName, getOnComponentTagListeners, getPageFactory, getPageManagerProvider, getPageRendererProvider, getPageSettings, getRequestCycleListeners, getRequestCycleProvider, getRequestCycleSettings, getRequestLogger, getRequestLoggerSettings, getResourceBundles, getResourceReferenceRegistry, getResourceSettings, getRootRequestMapper, getRootRequestMapperAsCompound, getSecuritySettings, getSessionListeners, getSessionStore, getSessionStoreProvider, getSharedResources, getStoreSettings, initApplication, newConverterLocator, newMapperContext, newPageFactory, newRequestLogger, newResourceBundles, newResourceReferenceRegistry, newSharedResources, onDestroy, onEvent, setApplicationSettings, setDebugSettings, setExceptionMapperProvider, setExceptionSettings, setFrameworkSettings, setJavaScriptLibrarySettings, setMarkupSettings, setMetaData, setName, setPageManagerProvider, setPageRendererProvider, setPageSettings, setRequestCycleProvider, setRequestCycleSettings, setRequestLoggerSettings, setResourceSettings, setRootRequestMapper, setSecuritySettings, setSessionStoreProvider, setStoreSettings, usesDeploymentConfig, usesDevelopmentConfig
-
Constructor Details
-
AuthenticatedWebApplication
public AuthenticatedWebApplication()
-
-
Method Details
-
init
Description copied from class:WebApplication
Initialize; if you need the wicket servlet/filter for initialization, e.g. because you want to read an initParameter from web.xml or you want to read a resource from the servlet's context path, you can override this method and provide custom initialization. This method is called right after this application class is constructed, and the wicket servlet/filter is set. Use this method for any application setup instead of the constructor.- Overrides:
init
in classWebApplication
-
hasAnyRole
Description copied from interface:IRoleCheckingStrategy
Whether any of the given roles matches. For example, if a user has role USER and the provided roles are {USER, ADMIN} this method should return true as the user has at least one of the roles that were provided.- Specified by:
hasAnyRole
in interfaceIRoleCheckingStrategy
- Parameters:
roles
- the roles- Returns:
- true if a user or whatever subject this implementation wants to work with has at least on of the provided roles
-
onUnauthorizedInstantiation
Description copied from interface:IUnauthorizedComponentInstantiationListener
Called when an unauthorized component instantiation is about to take place (but before it happens).- Specified by:
onUnauthorizedInstantiation
in interfaceIUnauthorizedComponentInstantiationListener
- Parameters:
component
- The partially constructed component (only the id is guaranteed to be valid).- See Also:
-
restartResponseAtSignInPage
Restarts response at sign in page. NOTE: this method internally throws a restart response exception, so no code after a call to this method will be executed -
newSession
Creates a new session. Override this method if you want to provide a custom session.- Overrides:
newSession
in classWebApplication
- Parameters:
request
- The request that will create this session.response
- The response to initialize, for example with cookies. This is important to use cases involving unit testing because those use cases might want to be able to sign a user in automatically when the session is created.- Returns:
- The session
-
getWebSessionClass
- Returns:
- BaseAuthenticatedWebSession subclass to use in this authenticated web application.
-
getSignInPageClass
- Returns:
- Subclass of sign-in page
-
onUnauthorizedPage
Called when an AUTHENTICATED user tries to navigate to a page that they are not authorized to access. You might want to override this to navigate to some explanatory page or to the application's home page.- Parameters:
page
- The partially constructed page (only the component id is guaranteed to be valid).
-