[ https://issues.apache.org/jira/browse/WICKET-5012?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14087702#comment-14087702 ]
Nick Pratt commented on WICKET-5012: ------------------------------------ I like isRequestAuthorized() since its very clear what the method is doing, and it's specific to Resources (they dont have an instantiation / action pair like Components). > Implement authorization for resources > ------------------------------------- > > Key: WICKET-5012 > URL: https://issues.apache.org/jira/browse/WICKET-5012 > Project: Wicket > Issue Type: Improvement > Components: wicket > Affects Versions: 6.5.0 > Reporter: Martin Grigorov > Assignee: Martin Grigorov > Fix For: 7.0.0-M1 > > Attachments: AuthorizingRequestMapper.java > > > Currently org.apache.wicket.authorization.IAuthorizationStrategy is focused > only on Components. > There is no way to secure an IResource mounted with > WebApplication#mountResource(ResourceReference) or implicitly at > /wicket/resource/com.example.MyComponent/some.res > The API cannot be changed before Wicket 7. Until then applications can use > custom root request mapper/handler to accomplish the same. -- This message was sent by Atlassian JIRA (v6.2#6252)