java.lang.Object
org.apache.wicket.settings.SecuritySettings
Class for security related settings
- Author:
- Jonathan Locke, Chris Turner, Eelco Hillenius, Juergen Donnerstag, Johan Compagner, Igor Vaynberg (ivaynberg), Martijn Dashorst, James Carman
-
Constructor Summary
-
Method Summary
Method: Description
getAuthenticationStrategy(): Gets the authentication strategy.
getAuthorizationStrategy(): Gets the authorization strategy.
getCryptFactory(): Returns the ICryptFactory.
boolean getEnforceMounts(): Gets whether page mounts should be enforced.
getRandomSupplier(): Returns the ISecureRandomSupplier to use for secure random data.
setAuthenticationStrategy(strategy): Sets the authentication strategy.
setAuthorizationStrategy(strategy): Sets the authorization strategy.
setCrossOriginEmbedderPolicyConfiguration(CrossOriginEmbedderPolicyConfiguration.CoepMode mode, String... exemptions): Sets the Cross-Origin Embedder Policy's mode and exempted paths.
setCrossOriginOpenerPolicyConfiguration(CrossOriginOpenerPolicyConfiguration.CoopMode mode, String... exemptions): Sets the Cross-Origin Opener Policy's mode and exempted paths.
setCryptFactory(ICryptFactory cryptFactory): Sets the factory that will be used to create crypt objects.
setEnforceMounts(boolean enforce): Sets whether mounts should be enforced.
setRandomSupplier(ISecureRandomSupplier randomSupplier): Sets the supplier of secure random data for Wicket.
setUnauthorizedResourceRequestListener(IUnauthorizedResourceRequestListener listener): Sets a listener that will be used when a request to an IResource is not allowed for some reason.
-
Constructor Details
-
SecuritySettings
public SecuritySettings()
-
-
Method Details
-
getAuthorizationStrategy
Gets the authorization strategy.
- Returns:
- Returns the authorizationStrategy.
-
getCryptFactory
Returns the ICryptFactory. If no factory is set, a KeyInSessionSunJceCryptFactory is used.
- Returns:
- crypt factory used to generate crypt objects
-
getRandomSupplier
Returns the ISecureRandomSupplier to use for secure random data. If no custom supplier is set, a DefaultSecureRandomSupplier is used.
- Returns:
- The ISecureRandomSupplier to use for secure random data.
-
getEnforceMounts
Gets whether page mounts should be enforced. If true, requests for a page will be allowed only if the page has been explicitly mounted in MyApplication#init(). This setting basically disables BookmarkableMapper.
- Returns:
- Whether mounts should be enforced
-
getUnauthorizedComponentInstantiationListener
- Returns:
- The listener
- See Also:
-
setAuthorizationStrategy
Sets the authorization strategy.
- Parameters:
- strategy - new authorization strategy
- Returns:
- this object for chaining
-
setCryptFactory
Sets the factory that will be used to create crypt objects. The crypt object returned from the first call is cached.
- Parameters:
- cryptFactory -
- Returns:
- this object for chaining
-
setRandomSupplier
Sets the supplier of secure random data for Wicket. The implementation must use a strong source of random data and be able to generate a lot of random data without running out of entropy.
- Parameters:
- randomSupplier - The new supplier, must not be null.
- Returns:
- this object for chaining
-
setEnforceMounts
Sets whether mounts should be enforced. If true, requests for mounted targets have to be done through the mounted paths. If, for instance, a bookmarkable page is mounted to a path, a request to that same page via the bookmarkablePage parameter will be denied.
- Parameters:
- enforce - Whether mounts should be enforced
- Returns:
- this object for chaining
-
setUnauthorizedComponentInstantiationListener
public SecuritySettings setUnauthorizedComponentInstantiationListener(IUnauthorizedComponentInstantiationListener listener)
- Parameters:
- listener - The listener to set
- Returns:
- this object for chaining
- See Also:
-
getUnauthorizedResourceRequestListener
- Returns:
- The listener that will be used when a request to an IResource is not allowed for some reason
-
setUnauthorizedResourceRequestListener
public SecuritySettings setUnauthorizedResourceRequestListener(IUnauthorizedResourceRequestListener listener)
Sets a listener that will be used when a request to an IResource is not allowed for some reason.
- Parameters:
- listener - The listener
- Returns:
- this object for chaining
-
getAuthenticationStrategy
Gets the authentication strategy.
- Returns:
- Returns the authentication strategy.
-
setAuthenticationStrategy
Sets the authentication strategy.
- Parameters:
- strategy - new authentication strategy
- Returns:
- this object for chaining
-
getCrossOriginOpenerPolicyConfiguration
-
setCrossOriginOpenerPolicyConfiguration
public SecuritySettings setCrossOriginOpenerPolicyConfiguration(CrossOriginOpenerPolicyConfiguration.CoopMode mode, String... exemptions)
Sets the Cross-Origin Opener Policy's mode and exempted paths. The config values are only read once at startup in Application#initApplication(); changing the config at runtime will have no effect.
- Parameters:
- mode - CoopMode, one of the 4 values: UNSAFE_NONE, SAME_ORIGIN, SAME_ORIGIN_ALLOW_POPUPS, DISABLED
- exemptions - exempted paths for which COOP will be disabled
- Returns:
-
getCrossOriginEmbedderPolicyConfiguration
-
setCrossOriginEmbedderPolicyConfiguration
public SecuritySettings setCrossOriginEmbedderPolicyConfiguration(CrossOriginEmbedderPolicyConfiguration.CoepMode mode, String... exemptions)
Sets the Cross-Origin Embedder Policy's mode and exempted paths. The config values are only read once at startup in Application#initApplication(); changing the config at runtime will have no effect.
- Parameters:
- mode - CoepMode, one of the 3 values: ENFORCING, REPORTING, DISABLED
- exemptions - exempted paths for which COEP will be disabled
- Returns:
-
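Added example (not part of the original Javadoc or the Wicket code base): because the COOP and COEP values are read only once at startup, the settings are applied together in the application's init(), chained through the setters' return value. The class names MyApplication, HomePage and AccountPage, the mount path and the exempted paths are assumptions made for illustration.

```java
import org.apache.wicket.Page;
import org.apache.wicket.coep.CrossOriginEmbedderPolicyConfiguration.CoepMode;
import org.apache.wicket.coop.CrossOriginOpenerPolicyConfiguration.CoopMode;
import org.apache.wicket.markup.html.WebPage;
import org.apache.wicket.protocol.http.WebApplication;

// Hypothetical application class; the name follows the MyApplication#init()
// reference in the getEnforceMounts description.
public class MyApplication extends WebApplication {

    // Hypothetical pages; their markup files are omitted here.
    public static class HomePage extends WebPage { }
    public static class AccountPage extends WebPage { }

    @Override
    public Class<? extends Page> getHomePage() {
        return HomePage.class;
    }

    @Override
    protected void init() {
        super.init();

        // Mount every page that must stay reachable. With enforcement on,
        // a page is served only through its explicitly mounted path.
        mountPage("/account", AccountPage.class); // path is an assumption

        getSecuritySettings()
            // Deny requests that address a mounted page by any other route.
            .setEnforceMounts(true)
            // COOP: same-origin everywhere except one exempted path
            // (constructed example of a path that needs COOP disabled).
            .setCrossOriginOpenerPolicyConfiguration(
                CoopMode.SAME_ORIGIN, "/oauth/callback")
            // COEP: start in reporting mode, one exempted path (constructed),
            // before switching to ENFORCING.
            .setCrossOriginEmbedderPolicyConfiguration(
                CoepMode.REPORTING, "/legacy/embed");
    }
}
```

Keep the exemption lists short and review them with the mounts: each exempted path is served without the corresponding header.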