Using either wicket-auth-roles or swarm you typically only declare which action you want to check and don't do the actual check yourself unless you plan on doing something special. How you declare which action is required depends on the security framework you are using. In wicket-auth-roles you add an AuthorizeActions annotation. In swarm you declare permissions in a policy file, which are or are not granted to the user.
Maurice On Fri, Mar 28, 2008 at 4:42 PM, Vitaly Tsaplin <[EMAIL PROTECTED]> wrote: > Hi people, > > My question is simple... :) How to use an action level > authorization. I cannot find any info or example. > As I can guess I have to associate a role using setMetaData () with > a component and then in IAuthorizationStrategy.isActionAuthorized () I > do an actual check by taking the associated role from the given > component by key and comparing it with a role of a current user. Is it > correct guess? > > Vitaly > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
