it is that way so you can have a different auth strategy per session by overriding sesssion.getauthstrat()
-igor On Sun, Mar 2, 2008 at 1:57 AM, Roberto Fasciolo <[EMAIL PROTECTED]> wrote: > > Hi, > > while trying profiling and debugging our application (which seems to have > some memory leak problems) I've found a strange thing in the constructor of > org.apache.wicket.Application. > > When the object is constructed a new component instantiation listener is > created with this code: > > // Install default component instantiation listener that uses > // authorization strategy to check component instantiations. > addComponentInstantiationListener(new > IComponentInstantiationListener() > { > /** > * @see > > org.apache.wicket.application.IComponentInstantiationListener#onInstantiation(org.apache.wicket.Component) > */ > public void onInstantiation(final Component component) > { > // If component instantiation is not > authorized > if > (!Session.get().getAuthorizationStrategy().isInstantiationAuthorized( > component.getClass())) > { > // then call any unauthorized > component instantiation > // listener > > getSecuritySettings().getUnauthorizedComponentInstantiationListener() > > .onUnauthorizedInstantiation(component); > } > } > }); > > > But while having a look at the Session object I've found out that > getAuthorizationStrategy() is calling back Application: > > /** > * @return The authorization strategy for this session > */ > public IAuthorizationStrategy getAuthorizationStrategy() > { > return > getApplication().getSecuritySettings().getAuthorizationStrategy(); > } > > > I wonder why it has been implemented in that way. Could this statement: > > if > > (!Session.get().getAuthorizationStrategy().isInstantiationAuthorized(component.getClass())) > > be rewritten as: > > if > > (!getSecuritySettings().getAuthorizationStrategy().isInstantiationAuthorized(component.getClass())) > > ?? > > -Roberto > > > > -- > View this message in context: > http://www.nabble.com/Strange-thing-in-Application-constructor-tp15786017p15786017.html > Sent from the Wicket - User mailing list archive at Nabble.com. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]