I did it using BundleStringResourceLoader in the end.
Well that's the point of having two WebSecurityConfigurerAdapters.
One takes care about your actuator using HTTP Basic
http.antMatcher("/actuator/**").authorizeRequests().anyRequest().hasRole("ACTUATOR_ROLE").and().httpBasic();
and the one o
Have you gone through this :
https://ci.apache.org/projects/wicket/guide/8.x/single.html#_extending_the_default_lookup_algorithm
(which seems you have, please show a little code)
And could you tell med howto make Spring redirect to my wicket login page
for all urls except /actuator (which is hand
Took me some time to understand as well so I'm glad share :)
I'm in process of tuning this setup so just out of curiosity how did you
set up the Wicket properties file(s)? I don't like the idea to having
properties in src/main/java and looking for proper way to load them from
custom location like
Yes this is exactly how I've done it :) Thanks for taking time to help...
@WicketSignInPage
@MountPath("page/login")
public class LoginPage extends BasePage {
public LoginPage(PageParameters parameters) {
super(parameters);
if (((AbstractAuthenticatedWebSession) getSession()).isSignedIn()) {
con
Is seems you have mixed my code with your code somehow.
You must configure formLogin() and specify loginPage() pointing to your
Wicket login page (maybe using @MountPath?).
The .loginProcessingUrl() points to "/fake-url" because the authentication
itself is called from Wicket login page
via Authent
It sort of works, If I go to the actuator I get the http basic auth, if I
on the same session goto my pages.. I get an "ugly" access denied page and
not the configured wicket login page. So it sort of works..
If I just goto localhost:8080/ I get an default spring login page not the
wicket one.. Up
Thanks will try it:)
On Thu, Jan 24, 2019 at 3:14 PM Zbynek Vavros
wrote:
> In my case it works something like this:
>
> @Configuration
> @EnableWebSecurity
> public class SecurityConfiguration {
>
> @Configuration
> @Order(1)
> public static class RestSecurityConfig extends
> WebSec
In my case it works something like this:
@Configuration
@EnableWebSecurity
public class SecurityConfiguration {
@Configuration
@Order(1)
public static class RestSecurityConfig extends
WebSecurityConfigurerAdapter {
.. user details service, auth providers etc
@Overrid
Hi,
I did similar thing, the trick here is to use two
WebSecurityConfigurerAdaptes.
Zbynek
On Thu, Jan 24, 2019 at 2:55 PM nino martinez wael <
nino.martinez.w...@gmail.com> wrote:
> Hope its okay to use the wicket user mailing list for this:)
>
> First of all thanks to MarcGiffing for making t
do you have an example? OR is it just to cut them into two like:
WebSecurityConfigurerAdapter A:
http.authorizeRequests().antMatchers("/actuator/**","/actuator").hasRole("ACTUATOR").and().httpBasic();
WebSecurityConfigurerAdapter B:
http
.csrf().disable()
.auth
Already done that.. Thanks for the idea.. On my webservice project I am
doing this:
http
.authorizeRequests()
.antMatchers("/services/**").hasRole("USER").and().httpBasic().and().
csrf().disable();
http
.authorizeRequests()
.antMatc
I had a problem with Spring Boot 2 and actuator as many of them are
disabled by default in the new version. I don't know if this is the case
for you, but I would try enabling all of them via config file. For example
with yml is something like:
management:
endpoints:
web:
exposure:
Hope its okay to use the wicket user mailing list for this:)
First of all thanks to MarcGiffing for making the project. But I cannot get
actuator endpoints to work with spring security and wicket spring boot..
I've tried a lot of things..
IN my WebSecurityConfigurerAdapter:
http
.authorizeRequ
13 matches
Mail list logo
