Well my view is a bit biased :)
swarm aims to be easy to use and flexible but i admit it can look a
bit intimidating at first.
But don't take my word for it, ask some of the other people that
actually use swarm what they think of it. There is a number of them
floating around on the mailing list.
As for your usecase for authentication and just a little bit of
authorization (you are not giving me much to work with here)
You can continue using the current authentication but you need to
provide a mapping between your current roles/permissions to the
authorization mechanism of swarm. This should not be that hard.
Then you apply the ISecurePage interface to all the page you want to protected.
Even without using roles/permissions or whatever else authorization
you already accomplished that for those pages you need to be logged in
to the application before you can access them
Add more security to components / pages that require special permission
(all this just in a nutshell :))
Maurice
P.S. sorry for hijacking the thread :)
On Wed, Apr 2, 2008 at 9:10 AM, Nino Saturnino Martinez Vazquez Wael
<[EMAIL PROTECTED]> wrote:
> Ahh, I need to look into swarm.
>
> Currently im using my own homebrewn solution, auth roles was almost okay,
> but were missing the ability to use enums in it's annotations:/ And swarm
> seems to be a bit overcomplicated if I just need some base authentication +
> maybe some component auth, please correct me if Im wrong?
>
> regards Nino
>
>
>
> Maurice Marrink wrote:
>
> > Yep that way you can switch between an application scoped strategy
> > (like wicket-auth-roles) and a session scoped strategy (like swarm)
> > Anyway the default is for the session to ask the application to return
> > the strategy.
> >
> >
> > On Wed, Apr 2, 2008 at 8:18 AM, Nino Saturnino Martinez Vazquez Wael
> > <[EMAIL PROTECTED]> wrote:
> >
> >
> > > Session could provide that too? Cool:)
> > >
> > >
> > >
> > > Maurice Marrink wrote:
> > >
> > >
> > >
> > > > Or Session. Session.getAuthorizationStrategy().
> > > >
> > > > Maurice
> > > >
> > > > On Tue, Apr 1, 2008 at 8:51 PM, Nino Saturnino Martinez Vazquez Wael
> > > > <[EMAIL PROTECTED]> wrote:
> > > >
> > > >
> > > >
> > > >
> > > > > It's your webapplication that takes the ISecurityStrategy..
> > > > >
> > > > > public class ZeuzGroupApplication extends WebApplication {
> > > > >
> > > > > private SpringComponentInjector springComponentInjector;
> > > > >
> > > > > @Override
> > > > > protected void init() {
> > > > > super.init();
> > > > > // getSecuritySettings().setAuthorizationStrategy(
> > > > > // new RoleAuthorizationStrategy(new
> > > > >
> > > > >
> > > >
> > > UserRolesAuthorizer()));
> > >
> > >
> > > >
> > > > > getSecuritySettings().setAuthorizationStrategy(
> > > > > new ZeuzSecurity(ZeuzAuthorizedPage.class,
> > > > > LoginPage.class) {
> > > > > @Override
> > > > > protected boolean isAuthorized(Class pageClass) {
> > > > > return (((ZeuzSession)
> > > > > Session.get()).isAuthorized());
> > > > > }
> > > > > });
> > > > > ...
> > > > >
> > > > >
> > > > >
> > > > > Bruce Petro wrote:
> > > > > > Thanks to the replies I received... yeah I didn't say it well,
> but I
> > > > > > assumed the user would be kept in the session and that seems to
> fit
> > > > > > everyone's reply. On top of that, I think I'm hearing I can use
> > > > > > inheritance and have every page utilize ISecurityStrategy to then
> > > > > > control access to the page.
> > > > > >
> > > > > > I'll check into it and see if I've got that all correct. Thanks
> > > > >
> > > > >
> > > >
> > > again.
> > >
> > >
> > > >
> > > > > >
> > > > > >
> > > > > > -----Original Message-----
> > > > > > From: Nino Saturnino Martinez Vazquez Wael
> > > > > > [mailto:[EMAIL PROTECTED]
> > > > > > Sent: Tuesday, April 01, 2008 1:49 PM
> > > > > > To: [email protected]
> > > > > > Subject: Re: Question on page inheritance...
> > > > > >
> > > > > > True, as Igor wrote this is meant to be in conjuction with at
> > > > > > ISecurityStrategy.
> > > > > >
> > > > > > Nino Saturnino Martinez Vazquez Wael wrote:
> > > > > >
> > > > > >> You could actually also do this another way... Im using markup
> > > > > >> inheritance alot, but I stuff user object into the session like
> > > > >
> > > > >
> > > >
> > > this:
> > >
> > >
> > > >
> > > > > >>
> > > > > >> See a nice view here:
> > > > > >> http://papernapkin.org/pastebin/view/281/
> > > > > >>
> > > > > >> package zeuzgroup.application;
> > > > > >>
> > > > > >> import javax.servlet.http.HttpSession;
> > > > > >>
> > > > > >> import org.apache.wicket.Application;
> > > > > >> import org.apache.wicket.Request;
> > > > > >> import org.apache.wicket.protocol.http.WebRequest;
> > > > > >> import org.apache.wicket.protocol.http.WebSession;
> > > > > >>
> > > > > >> import zeuzgroup.core.Person;
> > > > > >> import zeuzgroup.core.user.UserType;
> > > > > >>
> > > > > >> public class ZeuzSession extends WebSession {
> > > > > >>
> > > > > >> private boolean authorized = false;
> > > > > >>
> > > > > >> private Person person;
> > > > > >>
> > > > > >> private HttpSession httpSession;
> > > > > >>
> > > > > >> protected ZeuzSession(Application application, Request
> request) {
> > > > > >> super(application, request);
> > > > > >> httpSession = ((WebRequest)
> request).getHttpServletRequest()
> > > > > >> .getSession();
> > > > > >>
> > > > > >> }
> > > > > >>
> > > > > >> public boolean isAuthorized() {
> > > > > >> return authorized;
> > > > > >> }
> > > > > >>
> > > > > >> public void setAuthorized(boolean authorized) {
> > > > > >>
> > > > > >> this.authorized = authorized;
> > > > > >> if (authorized) {
> > > > > >>
> > > > > >> httpSession.setAttribute("sso.password.attribute",
> person
> > > > > >> .getPassword());
> > > > > >> httpSession.setAttribute("sso.email.attribute",
> > > > > >> person.getEmail());
> > > > > >> httpSession.setAttribute("password",
> > > > >
> > > > >
> > > >
> > > person.getPassword());
> > >
> > >
> > > >
> > > > > >> httpSession.setAttribute("email", person.getEmail());
> > > > > >>
> > > > > >> } else {
> > > > > >> httpSession.setAttribute("sso.password.attribute",
> null);
> > > > > >> httpSession.setAttribute("sso.email.attribute",
> null);
> > > > > >> }
> > > > > >> }
> > > > > >>
> > > > > >> public Person getPerson() {
> > > > > >> if (person != null) {
> > > > > >> return person;
> > > > > >> } else {
> > > > > >> Person person = new Person();
> > > > > >> person.setUserType(UserType.Guest);
> > > > > >> return person;
> > > > > >> }
> > > > > >> }
> > > > > >>
> > > > > >> public void setPerson(Person person) {
> > > > > >> this.person = person;
> > > > > >> }
> > > > > >>
> > > > > >> }
> > > > > >>
> > > > > >>
> > > > > >> Bruce Petro wrote:
> > > > > >>
> > > > > >>> I'm just getting started in wicket, so forgive me if this is a
> > > > > >>>
> > > > > > too-dumb
> > > > > >
> > > > > >>> question...
> > > > > >>>
> > > > > >>>
> > > > > >>>
> > > > > >>> I know wicket can check the session for a user to ask a "user"
> > > > >
> > > > >
> > > >
> > > object
> > >
> > >
> > > >
> > > > > >>>
> > > > > > if
> > > > > >
> > > > > >>> it is logged in.
> > > > > >>>
> > > > > >>> However, you don't really want to paste code on every page.
> > > > > >>>
> > > > > >>> What is the best way, to have each page inherit the base
> "security
> > > > > >>> check" routine?
> > > > > >>>
> > > > > >>>
> > > > > >>>
> > > > > >>> Would you create a BasePage extends WebPage and put the logic
> there
> > > > > >>>
> > > > > > and
> > > > > >
> > > > > >>> have all other pages extend BasePage?
> > > > > >>>
> > > > > >>> Or would you attach some sort of a command object to each page
> and
> > > > > >>>
> > > > > > put
> > > > > >
> > > > > >>> the logic in that?
> > > > > >>>
> > > > > >>>
> > > > > >>>
> > > > > >>> Anyone have a reference to an example of code to do this?
> > > > > >>>
> > > > > >>>
> > > > > >>>
> > > > > >>> THANKS!
> > > > > >>>
> > > > > >>>
> > > > > >>>
> > > > > >>>
> > > > > >>>
> > > > > >>>
> > > > > >>>
> > > > > >>>
> > > > > >>>
> > > > > >>>
> > > > > >
> > > > > >
> > > > >
> > > > > --
> > > > > -Wicket for love
> > > > >
> > > > > Nino Martinez Wael
> > > > > Java Specialist @ Jayway DK
> > > > > http://www.jayway.dk
> > > > > +45 2936 7684
> > > > >
> > > > >
> > > > >
> ---------------------------------------------------------------------
> > > > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > > > For additional commands, e-mail: [EMAIL PROTECTED]
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > > For additional commands, e-mail: [EMAIL PROTECTED]
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > --
> > >
> > > -Wicket for love
> > >
> > > Nino Martinez Wael
> > > Java Specialist @ Jayway DK
> > > http://www.jayway.dk
> > > +45 2936 7684
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > For additional commands, e-mail: [EMAIL PROTECTED]
> > >
> > >
> > >
> > >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
> >
> >
>
> --
> -Wicket for love
>
> Nino Martinez Wael
> Java Specialist @ Jayway DK
> http://www.jayway.dk
> +45 2936 7684
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
