Package org.apache.wicket.settings
Class SecuritySettings
- java.lang.Object
  - org.apache.wicket.settings.SecuritySettings
-
public class SecuritySettings extends Object
Class for security related settings
- Author:
- Jonathan Locke, Chris Turner, Eelco Hillenius, Juergen Donnerstag, Johan Compagner, Igor Vaynberg (ivaynberg), Martijn Dashorst, James Carman
-
Field Summary
Fields
Modifier and Type: static String
Field: DEFAULT_ENCRYPTION_KEY
Description: Deprecated, for removal: This API element is subject to removal in a future version.
-
Constructor Summary
Constructors
Constructor: SecuritySettings()
-
Method Summary
-
Field Detail
-
DEFAULT_ENCRYPTION_KEY
@Deprecated(forRemoval=true) public static final String DEFAULT_ENCRYPTION_KEY
Deprecated, for removal: This API element is subject to removal in a future version.
Encryption key is no longer used.
- See Also:
- Constant Field Values
-
-
Constructor Detail
-
SecuritySettings
public SecuritySettings()
-
-
Method Detail
-
getAuthorizationStrategy
public IAuthorizationStrategy getAuthorizationStrategy()
Gets the authorization strategy.
- Returns:
- Returns the authorizationStrategy.
-
getCryptFactory
public ICryptFactory getCryptFactory()
Returns the ICryptFactory. If no factory is set, a KeyInSessionSunJceCryptFactory is used.
- Returns:
- crypt factory used to generate crypt objects
-
getRandomSupplier
public ISecureRandomSupplier getRandomSupplier()
Returns the ISecureRandomSupplier to use for secure random data. If no custom supplier is set, a DefaultSecureRandomSupplier is used.
- Returns:
- The ISecureRandomSupplier to use for secure random data.
-
getEnforceMounts
public boolean getEnforceMounts()
Gets whether page mounts should be enforced. If true, requests for a page will be allowed only if the page has been explicitly mounted in MyApplication#init(). This setting basically disables BookmarkableMapper.
- Returns:
- Whether mounts should be enforced
-
getUnauthorizedComponentInstantiationListener
public IUnauthorizedComponentInstantiationListener getUnauthorizedComponentInstantiationListener()
- Returns:
- The listener
- See Also:
IUnauthorizedComponentInstantiationListener
-
setAuthorizationStrategy
public SecuritySettings setAuthorizationStrategy(IAuthorizationStrategy strategy)
Sets the authorization strategy.
- Parameters:
- strategy - new authorization strategy
- Returns:
- this object for chaining
-
setCryptFactory
public SecuritySettings setCryptFactory(ICryptFactory cryptFactory)
Sets the factory that will be used to create crypt objects. The crypt object returned from the first call is cached.
- Parameters:
- cryptFactory -
- Returns:
- this object for chaining
-
setRandomSupplier
public SecuritySettings setRandomSupplier(ISecureRandomSupplier randomSupplier)
Sets the supplier of secure random data for Wicket. The implementation must use a strong source of random data and be able to generate a lot of random data without running out of entropy.
- Parameters:
- randomSupplier - The new supplier, must not be null.
- Returns:
- this object for chaining
-
setEnforceMounts
public SecuritySettings setEnforceMounts(boolean enforce)
Sets whether mounts should be enforced. If true, requests for mounted targets have to be done through the mounted paths. If, for instance, a bookmarkable page is mounted to a path, a request to that same page via the bookmarkablePage parameter will be denied.
- Parameters:
- enforce - Whether mounts should be enforced
- Returns:
- this object for chaining
-
setUnauthorizedComponentInstantiationListener
public SecuritySettings setUnauthorizedComponentInstantiationListener(IUnauthorizedComponentInstantiationListener listener)
- Parameters:
- listener - The listener to set
- Returns:
- this object for chaining
- See Also:
- IUnauthorizedComponentInstantiationListener
-
getUnauthorizedResourceRequestListener
public IUnauthorizedResourceRequestListener getUnauthorizedResourceRequestListener()
- Returns:
- The listener that will be used when a request to an IResource is not allowed for some reason
-
setUnauthorizedResourceRequestListener
public SecuritySettings setUnauthorizedResourceRequestListener(IUnauthorizedResourceRequestListener listener)
Sets a listener that will be used when a request to an IResource is not allowed for some reason.
- Parameters:
- listener - The listener
- Returns:
- this object for chaining
-
getAuthenticationStrategy
public IAuthenticationStrategy getAuthenticationStrategy()
Gets the authentication strategy.
- Returns:
- Returns the authentication strategy.
-
setAuthenticationStrategy
public SecuritySettings setAuthenticationStrategy(IAuthenticationStrategy strategy)
Sets the authentication strategy.
- Parameters:
- strategy - new authentication strategy
- Returns:
- this object for chaining
-
getCrossOriginOpenerPolicyConfiguration
public CrossOriginOpenerPolicyConfiguration getCrossOriginOpenerPolicyConfiguration()
-
setCrossOriginOpenerPolicyConfiguration
public SecuritySettings setCrossOriginOpenerPolicyConfiguration(CrossOriginOpenerPolicyConfiguration.CoopMode mode, String... exemptions)
Sets the Cross-Origin Opener Policy's mode and exempted paths. The config values are only read once at startup in Application#initApplication(); changing the config at runtime will have no effect.
- Parameters:
- mode - CoopMode, one of the 4 values: UNSAFE_NONE, SAME_ORIGIN, SAME_ORIGIN_ALLOW_POPUPS, DISABLED
- exemptions - exempted paths for which COOP will be disabled
- Returns:
-
getCrossOriginEmbedderPolicyConfiguration
public CrossOriginEmbedderPolicyConfiguration getCrossOriginEmbedderPolicyConfiguration()
-
setCrossOriginEmbedderPolicyConfiguration
public SecuritySettings setCrossOriginEmbedderPolicyConfiguration(CrossOriginEmbedderPolicyConfiguration.CoepMode mode, String... exemptions)
Sets the Cross-Origin Embedder Policy's mode and exempted paths. The config values are only read once at startup in Application#initApplication(); changing the config at runtime will have no effect.
- Parameters:
- mode - CoepMode, one of the 3 values: ENFORCING, REPORTING, DISABLED
- exemptions - exempted paths for which COEP will be disabled
- Returns:
-
-
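The setters above are normally chained from the application's init() method, which is also where the COOP and COEP values must be set because they are read only once at startup. The following is an added example, not code from the Wicket project; the class names HardenedApplication, HomePage and ReportPage and the paths /reports and /embed are assumptions made for illustration.

```java
import org.apache.wicket.Page;
import org.apache.wicket.coep.CrossOriginEmbedderPolicyConfiguration.CoepMode;
import org.apache.wicket.coop.CrossOriginOpenerPolicyConfiguration.CoopMode;
import org.apache.wicket.core.util.crypt.KeyInSessionSunJceCryptFactory;
import org.apache.wicket.markup.html.WebPage;
import org.apache.wicket.protocol.http.WebApplication;

// Hypothetical pages; each needs a matching markup file (HomePage.html, ReportPage.html).
class HomePage extends WebPage { }

class ReportPage extends WebPage { }

// Hypothetical application class showing SecuritySettings configured at startup.
public class HardenedApplication extends WebApplication {

    @Override
    public Class<? extends Page> getHomePage() {
        return HomePage.class;
    }

    @Override
    protected void init() {
        super.init();

        // Mount the page first: with enforced mounts, this path is the
        // only way the page may be requested.
        mountPage("/reports", ReportPage.class);

        getSecuritySettings()
            // A request for a mounted page by any route other than its
            // mounted path (for example by class name) is denied.
            .setEnforceMounts(true)
            // Select explicitly the factory that is otherwise the default.
            // The crypt object from the first call is cached, so set the
            // factory before anything asks for it.
            .setCryptFactory(new KeyInSessionSunJceCryptFactory())
            // COOP and COEP are read once at startup; changes made after
            // init() have no effect. "/embed" is a constructed exemption.
            .setCrossOriginOpenerPolicyConfiguration(CoopMode.SAME_ORIGIN, "/embed")
            // REPORTING is one of the three CoepMode values; ENFORCING is
            // the stricter one.
            .setCrossOriginEmbedderPolicyConfiguration(CoepMode.REPORTING, "/embed");
    }
}
```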