Ok. If I understand correctly, you need to detect authentication. One
way to do this in wicket is to redirect the user to a Login page when
authentication is missing.
So:
1. User tries to access the secured page "StockQuote.class"
2. Wicket detects the user is not logged in and Redirects the user to
"Login.class"
3. User logs in properly and Wicket redirects him back to "StockQuote.class"
4. If user fails login, something else happens.. that's up to you.
I will copypaste here some snipplets (not all code included, only the
essentials), which should get you going:
public class MyApplication extends WebApplication {
/**
* @see wicket.protocol.http.WebApplication#init()
*/
@Override
protected void init() {
super.init();
getSecuritySettings().setAuthorizationStrategy(MyAuthorizationStrategy.getInstance());
getSecuritySettings().setUnauthorizedComponentInstantiationListener(MyAuthorizationStrategy.getInstance());
}
}
:::::::::::::::::::
public class MyAuthorizationStrategy extends
AbstractPageAuthorizationStrategy implements
IUnauthorizedComponentInstantiationListener {
/**
* @see
wicket.authorization.strategies.page.AbstractPageAuthorizationStrategy#isPageAuthorized(java.lang.Class)
*/
@Override
protected boolean isPageAuthorized(Class pageClass) {
// Check if the page required authorized access
@SuppressWarnings("unchecked")
boolean pageRequiresAuthentication =
pageClass.isAnnotationPresent(AuthenticationRequired.class); // TODO
You must create such annotation or devise other means of classifying
pages.. it could also be simply just some kind of instanceof check if
you want to be rigid
if (pageRequiresAuthentication) {
@SuppressWarnings("unchecked")
return
MyApplication.getSession().isAuthorized(authorizationRequired.emailConfirmationRequired());
}
return true;
}
/**
* @see
wicket.authorization.IUnauthorizedComponentInstantiationListener#onUnauthorizedInstantiation(wicket.Component)
*/
public void onUnauthorizedInstantiation(Component component) {
throw new RestartResponseAtInterceptPageException(Login.class); //
If login fails, redirect to login
}
}
:::::::::::::::::
public class Login extends WebPage {
public Login() {
final Form loginForm = new Form(LOGIN_FORM, new Model());
final TextField userIdField;
{
userIdField = new TextField(USER_ID, new Model());
userIdField.setRequired(true);
loginForm.add(userIdField);
}
{
rememberMe = new CheckBox("rememberMe", new Model());
loginForm.add(rememberMe);
}
final PasswordTextField passwdField;
{
passwdField = new PasswordTextField(PASSWORD, new Model());
passwdField.setResetPassword(false);
loginForm.add(passwdField);
}
{
SubmitLink loginButton = new SubmitLink(LOGIN_BUTTON, new Model()) {
/**
* @see org.apache.wicket.markup.html.form.SubmitLink#onSubmit()
*/
@Override
public void onSubmit() {
super.onSubmit();
String userAlias = userIdField.getValue();
String encryptedPassword;
{
String password = passwdField.getValue();
encryptedPassword =
MyAuthorizationStrategy.encryptValue(PASSWORD_ENCRYPTION_KEY,
password);
}
User user = LoginTransactions.getInstance().login(userAlias,
encryptedPassword, Boolean.parseBoolean(rememberMe.getValue()));
if (user != null) {
// TODO Check if the user is allowed to login
MyApplication.getSession().setUser(user);
if (!continueToOriginalDestination()) { // This will try
to send the user to the restricted page after login (if the user was
originally going there)
setResponsePage(MembersArea.class); // Else, if there is
no default location, you need to brobably just select something..
}
} else {
// Acknowledge wrong password
info("Wrong password.");
}
}
};
loginForm.add(loginButton);
}
add(new FeedbackPanel("feedback"));
add(loginForm);
}
}
::::::::::
That should get you kickstarted?
**
Martin
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
