[ https://issues.apache.org/jira/browse/WICKET-1152?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Maurice Marrink resolved WICKET-1152. ------------------------------------- Resolution: Fixed Fix Version/s: 1.4-M2 1.3.4 unauthorize now has the effect of removing an authorized role (if previously authorized) or denying authorization for every role if there are no remaining authorized roles. > MetaDataRoleAuthorizationStrategy.unauthorize() doesn't work > ------------------------------------------------------------ > > Key: WICKET-1152 > URL: https://issues.apache.org/jira/browse/WICKET-1152 > Project: Wicket > Issue Type: Bug > Components: wicket-auth-roles > Affects Versions: 1.3.0-rc1 > Reporter: David > Assignee: Maurice Marrink > Fix For: 1.3.4, 1.4-M2 > > Attachments: wicket-1152.patch > > Original Estimate: 0h > Remaining Estimate: 0h > > Try this: > MetaDataRoleAuthorizationStrategy.unauthorize(this, RENDER, "USER"); > The page will still be rendered for user with USER role. > The following will work fine to prevent rendering by anybody: > MetaDataRoleAuthorizationStrategy.authorize(this, RENDER, ""); -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.