Class AuthenticatedWebApplication
- java.lang.Object
-
- org.apache.wicket.Application
-
- org.apache.wicket.protocol.http.WebApplication
-
- org.apache.wicket.authroles.authentication.AuthenticatedWebApplication
-
- All Implemented Interfaces:
IUnauthorizedComponentInstantiationListener
,IRoleCheckingStrategy
,IEventSink
,IMetadataContext<Object,Application>
,ISessionStore.UnboundListener
public abstract class AuthenticatedWebApplication extends WebApplication implements IRoleCheckingStrategy, IUnauthorizedComponentInstantiationListener
A web application subclass that does role-based authentication.- Author:
- Jonathan Locke
-
-
Field Summary
-
Fields inherited from class org.apache.wicket.protocol.http.WebApplication
META_INF_RESOURCES
-
Fields inherited from class org.apache.wicket.Application
CONFIGURATION
-
-
Constructor Summary
Constructors Constructor Description AuthenticatedWebApplication()
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description protected abstract Class<? extends WebPage>
getSignInPageClass()
protected abstract Class<? extends AbstractAuthenticatedWebSession>
getWebSessionClass()
boolean
hasAnyRole(Roles roles)
Whether any of the given roles matches.protected void
init()
Initialize; if you need the wicket servlet/filter for initialization, e.g.Session
newSession(Request request, Response response)
Creates a new session.void
onUnauthorizedInstantiation(Component component)
Called when an unauthorized component instantiation is about to take place (but before it happens).protected void
onUnauthorizedPage(Component page)
Called when an AUTHENTICATED user tries to navigate to a page that they are not authorized to access.void
restartResponseAtSignInPage()
Restarts response at sign in page.-
Methods inherited from class org.apache.wicket.protocol.http.WebApplication
addResourceReplacement, addResourceReplacement, get, getAjaxRequestTargetListeners, getAjaxRequestTargetProvider, getAndRemoveBufferedResponse, getApplicationKey, getConfigurationType, getCspSettings, getFilterFactoryManager, getInitParameter, getMimeType, getServletContext, getSessionAttributePrefix, getWicketFilter, hasBufferedResponse, hasFilterFactoryManager, internalDestroy, internalInit, logEventTarget, logResponseTarget, mount, mountPackage, mountPage, mountResource, newAjaxRequestTarget, newCspSettings, newWebRequest, newWebResponse, outputDevelopmentModeWarning, renderXmlDecl, sessionUnbound, setAjaxRequestTargetProvider, setConfigurationType, setCspSettings, setServletContext, setWicketFilter, storeBufferedResponse, unmount, validateInit
-
Methods inherited from class org.apache.wicket.Application
checkSettingsAvailable, configure, createRequestCycle, decorateHeaderResponse, exists, fetchCreateAndSetSession, get, getApplicationKeys, getApplicationListeners, getApplicationSettings, getBehaviorInstantiationListeners, getComponentInitializationListeners, getComponentInstantiationListeners, getComponentOnAfterRenderListeners, getComponentOnConfigureListeners, getComponentPostOnBeforeRenderListeners, getComponentPreOnBeforeRenderListeners, getConverterLocator, getDebugSettings, getExceptionMapperProvider, getExceptionSettings, getFrameworkSettings, getHeaderContributorListeners, getHeaderResponseDecorators, getHomePage, getInitializers, getJavaScriptLibrarySettings, getMapperContext, getMarkupSettings, getMetaData, getName, getOnComponentTagListeners, getPageFactory, getPageManagerProvider, getPageRendererProvider, getPageSettings, getRequestCycleListeners, getRequestCycleProvider, getRequestCycleSettings, getRequestLogger, getRequestLoggerSettings, getResourceBundles, getResourceReferenceRegistry, getResourceSettings, getRootRequestMapper, getRootRequestMapperAsCompound, getSecuritySettings, getSessionListeners, getSessionStore, getSessionStoreProvider, getSharedResources, getStoreSettings, initApplication, newConverterLocator, newMapperContext, newPageFactory, newRequestLogger, newResourceBundles, newResourceReferenceRegistry, newSharedResources, onDestroy, onEvent, setApplicationSettings, setDebugSettings, setExceptionMapperProvider, setExceptionSettings, setFrameworkSettings, setHeaderResponseDecorator, setJavaScriptLibrarySettings, setMarkupSettings, setMetaData, setName, setPageManagerProvider, setPageRendererProvider, setPageSettings, setRequestCycleProvider, setRequestCycleSettings, setRequestLoggerSettings, setResourceSettings, setRootRequestMapper, setSecuritySettings, setSessionStoreProvider, setStoreSettings, usesDeploymentConfig, usesDevelopmentConfig
-
-
-
-
Constructor Detail
-
AuthenticatedWebApplication
public AuthenticatedWebApplication()
-
-
Method Detail
-
init
protected void init()
Description copied from class:WebApplication
Initialize; if you need the wicket servlet/filter for initialization, e.g. because you want to read an initParameter from web.xml or you want to read a resource from the servlet's context path, you can override this method and provide custom initialization. This method is called right after this application class is constructed, and the wicket servlet/filter is set. Use this method for any application setup instead of the constructor.- Overrides:
init
in classWebApplication
-
hasAnyRole
public final boolean hasAnyRole(Roles roles)
Description copied from interface:IRoleCheckingStrategy
Whether any of the given roles matches. For example, if a user has role USER and the provided roles are {USER, ADMIN} this method should return true as the user has at least one of the roles that were provided.- Specified by:
hasAnyRole
in interfaceIRoleCheckingStrategy
- Parameters:
roles
- the roles- Returns:
- true if a user or whatever subject this implementation wants to work with has at least on of the provided roles
-
onUnauthorizedInstantiation
public final void onUnauthorizedInstantiation(Component component)
Description copied from interface:IUnauthorizedComponentInstantiationListener
Called when an unauthorized component instantiation is about to take place (but before it happens).- Specified by:
onUnauthorizedInstantiation
in interfaceIUnauthorizedComponentInstantiationListener
- Parameters:
component
- The partially constructed component (only the id is guaranteed to be valid).- See Also:
IComponentInstantiationListener
-
restartResponseAtSignInPage
public void restartResponseAtSignInPage()
Restarts response at sign in page. NOTE: this method internally throws a restart response exception, so no code after a call to this method will be executed
-
newSession
public Session newSession(Request request, Response response)
Creates a new session. Override this method if you want to provide a custom session.- Overrides:
newSession
in classWebApplication
- Parameters:
request
- The request that will create this session.response
- The response to initialize, for example with cookies. This is important to use cases involving unit testing because those use cases might want to be able to sign a user in automatically when the session is created.- Returns:
- The session
-
getWebSessionClass
protected abstract Class<? extends AbstractAuthenticatedWebSession> getWebSessionClass()
- Returns:
- BaseAuthenticatedWebSession subclass to use in this authenticated web application.
-
getSignInPageClass
protected abstract Class<? extends WebPage> getSignInPageClass()
- Returns:
- Subclass of sign-in page
-
onUnauthorizedPage
protected void onUnauthorizedPage(Component page)
Called when an AUTHENTICATED user tries to navigate to a page that they are not authorized to access. You might want to override this to navigate to some explanatory page or to the application's home page.- Parameters:
page
- The partially constructed page (only the component id is guaranteed to be valid).
-
-