Class AnnotationsRoleAuthorizationStrategy
- java.lang.Object
-
- org.apache.wicket.authorization.IAuthorizationStrategy.AllowAllAuthorizationStrategy
-
- org.apache.wicket.authroles.authorization.strategies.role.AbstractRoleAuthorizationStrategy
-
- org.apache.wicket.authroles.authorization.strategies.role.annotations.AnnotationsRoleAuthorizationStrategy
-
- All Implemented Interfaces:
IAuthorizationStrategy
public class AnnotationsRoleAuthorizationStrategy extends AbstractRoleAuthorizationStrategy
Strategy that checks theAuthorizeInstantiation
annotation.- Author:
- Eelco Hillenius
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.apache.wicket.authorization.IAuthorizationStrategy
IAuthorizationStrategy.AllowAllAuthorizationStrategy
-
-
Field Summary
-
Fields inherited from interface org.apache.wicket.authorization.IAuthorizationStrategy
ALLOW_ALL
-
-
Constructor Summary
Constructors Constructor Description AnnotationsRoleAuthorizationStrategy(IRoleCheckingStrategy roleCheckingStrategy)
Construct.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected boolean
isActionAuthorized(Class<?> componentClass, Action action)
boolean
isActionAuthorized(Component component, Action action)
Gets whether the given action is permitted.<T extends IRequestableComponent>
booleanisInstantiationAuthorized(Class<T> componentClass)
Checks whether an instance of the given component class may be created.boolean
isResourceAuthorized(IResource resource, PageParameters pageParameters)
Checks whether a request with some parameters is allowed to a resource.-
Methods inherited from class org.apache.wicket.authroles.authorization.strategies.role.AbstractRoleAuthorizationStrategy
hasAny, isEmpty
-
-
-
-
Constructor Detail
-
AnnotationsRoleAuthorizationStrategy
public AnnotationsRoleAuthorizationStrategy(IRoleCheckingStrategy roleCheckingStrategy)
Construct.- Parameters:
roleCheckingStrategy
- the authorizer delegate
-
-
Method Detail
-
isInstantiationAuthorized
public <T extends IRequestableComponent> boolean isInstantiationAuthorized(Class<T> componentClass)
Description copied from interface:IAuthorizationStrategy
Checks whether an instance of the given component class may be created. If this method returns false, theIUnauthorizedComponentInstantiationListener
that is configured in thesecurity settings
will be called. The default implementation of that listener throws aUnauthorizedInstantiationException
.If you wish to implement a strategy that authenticates users which cannot access a given Page (or other Component), you can simply throw a
RestartResponseAtInterceptPageException
in your implementation of this method.- Specified by:
isInstantiationAuthorized
in interfaceIAuthorizationStrategy
- Overrides:
isInstantiationAuthorized
in classIAuthorizationStrategy.AllowAllAuthorizationStrategy
- Parameters:
componentClass
- The component class to check- Returns:
- Whether the given component may be created
- See Also:
IAuthorizationStrategy.isInstantiationAuthorized(java.lang.Class)
-
isActionAuthorized
public boolean isActionAuthorized(Component component, Action action)
Description copied from interface:IAuthorizationStrategy
Gets whether the given action is permitted. If it is, this method should return true. If it isn't, this method should either return false or - in case of a serious breach - throw a security exception. Returning is generally preferable over throwing an exception as that doesn't break the normal flow.- Specified by:
isActionAuthorized
in interfaceIAuthorizationStrategy
- Overrides:
isActionAuthorized
in classIAuthorizationStrategy.AllowAllAuthorizationStrategy
- Parameters:
component
- The component to be acted uponaction
- The action to authorize on the component- Returns:
- Whether the given action may be taken on the given component
- See Also:
IAuthorizationStrategy.isActionAuthorized(org.apache.wicket.Component, org.apache.wicket.authorization.Action)
-
isActionAuthorized
protected boolean isActionAuthorized(Class<?> componentClass, Action action)
-
isResourceAuthorized
public boolean isResourceAuthorized(IResource resource, PageParameters pageParameters)
Description copied from interface:IAuthorizationStrategy
Checks whether a request with some parameters is allowed to a resource.- Specified by:
isResourceAuthorized
in interfaceIAuthorizationStrategy
- Overrides:
isResourceAuthorized
in classIAuthorizationStrategy.AllowAllAuthorizationStrategy
- Parameters:
resource
- The resource that should be processedpageParameters
- The request parameters- Returns:
true
if the request to this resource is allowed.
-
-