Re: [Wicket-user] Bug in Wicketbench?
Hi Joni, Do you have any idea why I'm getting the following error while opening a wicketpage: Can't preview file. Check your wicket:preview path. I have also wicket projects in Eclipse that do not have this error but I can't understand why this happens or see any difference with a project that gives this error. Regards, Rik On 3-nov-2006, at 8:28, Joni Freeman wrote: > On Fri, 2006-11-03 at 08:20 +0100, Rik van der Kleij wrote: >> >> Hi, >> >> >> The issue is that remote debugging with Jetty and Maven from Eclipse >> doesn't work right any more if the default editor is Wicket Editor. >> While debugging the line of code that is executed by a thread is not >> shown in the editor window anymore. Only the linenumber of the thread >> is mentioned in the debug window. >> >> >> Does someone recognize this behavior? > > Yes, this is a known bug. It is not possible to fix this easily in > current eclipse versions. I (and some others) have reported the > issue to > eclipse devs and the only news i've got from them is that they wont > fix > it in 3.3. Let's hope it will be fixed at some point, though! A > workaround is to set normal Java editor as a default editor when > debugging. > > Joni > > > > -- > --- > Using Tomcat but need to do more? Need to support web services, > security? > Get stuff done quickly with pre-integrated technology to make your > job easier > Download IBM WebSphere Application Server v.1.0.1 based on Apache > Geronimo > http://sel.as-us.falkag.net/sel? > cmd=lnk&kid=120709&bid=263057&dat=121642 > ___ > Wicket-user mailing list > Wicket-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wicket-user - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
Re: [Wicket-user] Authentication Tomcat <-> Wicket
Hi Erik, Thanks for your reply. First I will arrange authentication with Acegi in mine application and then I will take a good look to the MetaDataRoleAuthorizationStrategy. Regards, Rik On 12-nov-2006, at 13:47, Erik van Oosten wrote: > Hello Rik, >> Questions; >> Do you use a "normal" login form according to Acegi or do you use a >> Wicket login form? >> > We use a signin page that is derived from the example in > wicket-auth-roles-example. So it's a Wicket login form. >> Where do you put your authorization settings? >> > The complete authorization picture in my current application is as > follows: > - We use our wicket-auth-roles port to java 1.4 (took about 15 minutes > to make) with just one change so that we can do authorization based on > the base class of a component (see > https://issues.apache.org/jira/browse/WICKET-21). > > - MyApplication#init() contains the following code: >getSecuritySettings().setAuthorizationStrategy(new > MetaDataRoleAuthorizationStrategy(this)); >MetaDataRoleAuthorizationStrategy.authorize(SecurePage.class, > "role_viewer role_administrator"); >MetaDataRoleAuthorizationStrategy.authorize(AdminPage.class, > "role_administrator"); >MetaDataRoleAuthorizationStrategy.authorize(SecurePopupPage.class, > "role_viewer role_administrator"); >All pages that need a login extend either SecurePage or > SecurePopupPage. > > - The base class for all pages constructs a menu with links to all > pages > in the application. If the linked page requires authorization, during > construction of the menu > MetaDataRoleAuthorizationStrategy.authorize(link, Component.RENDER, > roles) is called, where link is a Link instance and roles is derived > from the metadata of the linked class. (Though I did not yet write the > automatic role derivation, it should be easy to do so.) > >>> If desired we >>> could have easily read that information from an ACL file. >>> >> What do you have in mind as content for the ACL file. I understand >> from the Acegi reference guide that you can set authorization on >> domain objects. But what for example if the case is that a delete >> button may only be visible for administrators? >> > As I said, we don't use ACL files, but it could be as simple as: > com.example.app.SecurePage role_viewer role_administrator > com.example.app.AdminPage role_administrator > > How do this for buttons depend on the structure of your application. > You'll have to devise a way to identify the button (or better, the > function it will perform), and call a > MetaDataRoleAuthorizationStrategy.authorize... before the button > component is used. > > Erik. > > -- > Erik van Oosten > http://day-to-day-stuff.blogspot.com/ > > > -- > --- > Using Tomcat but need to do more? Need to support web services, > security? > Get stuff done quickly with pre-integrated technology to make your > job easier > Download IBM WebSphere Application Server v.1.0.1 based on Apache > Geronimo > http://sel.as-us.falkag.net/sel? > cmd=lnk&kid=120709&bid=263057&dat=121642 > ___ > Wicket-user mailing list > Wicket-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wicket-user - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
Re: [Wicket-user] Authentication Tomcat <-> Wicket
Hi Erik, Yes. So you mean in short: use Acegi for authentication and use wicket-auth-roles for authorization. That is a good compromise because you get some of the features of Acegi out-of-the-box, like a LDAP-server authentication as you mention. Questions; Do you use a "normal" login form according to Acegi or do you use a Wicket login form? Where do you put your authorization settings? > If desired we > could have easily read that information from an ACL file. What do you have in mind as content for the ACL file. I understand from the Acegi reference guide that you can set authorization on domain objects. But what for example if the case is that a delete button may only be visible for administrators? Regards, Rik On 10-nov-2006, at 22:17, Erik van Oosten wrote: > Hi Rik, > > We use Acegi because of its excellent backend features. We do not use > Acegi to do authorization in the frontend, we just give a > username/pasword and ask it for the roles. Acegi gets it out of > LDAP for > us, wicket-auth-roles does the authorization. The Acegi filter sets > the > authenticated user on a tread-local, but that is the only > involvement of > Acegi in the front-end. However, having the thread-local Acegi can be > still for used for securing the spring configured services. > > The authorization settings are set by our application and stored in > the > Wicket metadata facility (again using wicket-auth-roles). If > desired we > could have easily read that information from an ACL file. > > Would this be an acceptable solution? > > Erik. > > > Rik van der Kleij schreef: >> Hi, >> >> That is also the reason why Acegi and Wicket don't integrate well. >> Till now I have not found a good way to secure Wicket components by >> Acegi. Acegi is based on URL requests, method intercepting and >> securing domain objects by ACL's. According to me you want to set >> authorization on component level. Annotations is a way but I prefer >> security by configuration. Maybe the only good solution is to build a >> Wicket specific solution. >> >> Regards, >> Rik >> > > -- > Erik van Oosten > http://day-to-day-stuff.blogspot.com/ > > > -- > --- > Using Tomcat but need to do more? Need to support web services, > security? > Get stuff done quickly with pre-integrated technology to make your > job easier > Download IBM WebSphere Application Server v.1.0.1 based on Apache > Geronimo > http://sel.as-us.falkag.net/sel? > cmd=lnk&kid=120709&bid=263057&dat=121642 > ___ > Wicket-user mailing list > Wicket-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wicket-user - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
Re: [Wicket-user] Authentication Tomcat <-> Wicket
Hi, That is also the reason why Acegi and Wicket don't integrate well. Till now I have not found a good way to secure Wicket components by Acegi. Acegi is based on URL requests, method intercepting and securing domain objects by ACL's. According to me you want to set authorization on component level. Annotations is a way but I prefer security by configuration. Maybe the only good solution is to build a Wicket specific solution. Regards, Rik On 9-nov-2006, at 18:53, Eelco Hillenius wrote: > And if you use 2.0, you can set > getSecuritySettings().setEnforceMounts(true), so that these mounted > pages are only reachable using these paths. > > But as you got from the answers on this thread, URL based > authorization schemes in not something we recommend for Wicket. It'll > basically bring you back to page-level development again, whereas the > whole point of Wicket is to provide a component based paradigm. > > Eelco > > > On 11/9/06, Igor Vaynberg <[EMAIL PROTECTED]> wrote: >> you can use package mounting to mount all pages in your admin >> package to a >> path, depends on how your classes are stored >> >> -igor >> >> >> >> On 11/9/06, Dmitry Kandalov <[EMAIL PROTECTED]> wrote: >>> >>> >>> Erik van Oosten wrote: Wicket supports per component authorisation. You could take a look at wicket-auth-roles-example (a small project available through svn). In this project some components (pages) are marked. The mark indicates which roles are required for the component. As long as the user does not hit those components the application runs fine. As soon as the user does hit such a component, the sign-in page is displayed. Erik. >>> >>> Thanks for advice, example is good. But I have to use tomcat >> authentication >>> (not authorization). To make it work I have to declare >>> . >>> -- >>> View this message in context: >> http://www.nabble.com/Authentication-Tomcat-%3C-%3E-Wicket- >> tf2588672.html#a7254648 >>> Sent from the Wicket - User mailing list archive at Nabble.com. >>> >>> >>> >> - >> >>> Using Tomcat but need to do more? Need to support web services, >>> security? >>> Get stuff done quickly with pre-integrated technology to make >>> your job >> easier >>> Download IBM WebSphere Application Server v.1.0.1 based on Apache >>> Geronimo >>> >> http://sel.as-us.falkag.net/sel? >> cmd=lnk&kid=120709&bid=263057&dat=121642 >>> ___ >>> Wicket-user mailing list >>> Wicket-user@lists.sourceforge.net >>> https://lists.sourceforge.net/lists/listinfo/wicket-user >>> >> >> >> - >> >> Using Tomcat but need to do more? Need to support web services, >> security? >> Get stuff done quickly with pre-integrated technology to make your >> job >> easier >> Download IBM WebSphere Application Server v.1.0.1 based on Apache >> Geronimo >> http://sel.as-us.falkag.net/sel? >> cmd=lnk&kid=120709&bid=263057&dat=121642 >> >> ___ >> Wicket-user mailing list >> Wicket-user@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/wicket-user >> >> >> > > -- > --- > Using Tomcat but need to do more? Need to support web services, > security? > Get stuff done quickly with pre-integrated technology to make your > job easier > Download IBM WebSphere Application Server v.1.0.1 based on Apache > Geronimo > http://sel.as-us.falkag.net/sel? > cmd=lnk&kid=120709&bid=263057&dat=121642 > ___ > Wicket-user mailing list > Wicket-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wicket-user - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
[Wicket-user] Bug in Wicketbench?
Hi,The issue is that remote debugging with Jetty and Maven from Eclipse doesn't work right any more if the default editor is Wicket Editor. While debugging the line of code that is executed by a thread is not shown in the editor window anymore. Only the linenumber of the thread is mentioned in the debug window.Does someone recognize this behavior?Regards,Rik- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
