I think since Maurice's death, there has not been much concrete discussion as to the future of it. I suppose it needs a leader to pick it up and run with it (and I nominate Nino :)
http://www.nabble.com/Future-of-Wicket-Security--td19176506.html http://www.nabble.com/In-memoriam:-Maurice-Marrink-td18813738.html -- Jeremy Thomerson http://www.wickettraining.com On Fri, Feb 20, 2009 at 3:48 PM, Tauren Mills <tau...@groovee.com> wrote: > Does anyone know the current status of the wicket-security project? > It looks like there has been no activity in svn for close to a year. > And it is unclear if it will work with wicket 1.4. What is the > preferred tool today for implementing a roles-based authorization and > authentication system with wicket 1.4? > > Right now I only need wicket-based security, but may need to secure > webservices as well in the future, and understand that swarm 1.3.1 was > working to add that. In my application, users will be assigned > multiple roles. All users will see the same "main page", but users > with certain roles need to be able to see additional tabs, more > content panels, as well as be able to view and edit appropriate > content based on roles. > > So I'm trying to determine a security implementation for an upcoming > project and have been researching the options available. I've found > the following approaches: > > Wicket Auth Roles > wicket-auth-roles-1.4-rc2.jar > Roles support seems quite limited > > Wicket Security (SWARM and WASP) > http://wicketstuff.org/confluence/display/STUFFWIKI/Wicket-Security > http://wicketstuff.org/confluence/display/STUFFWIKI/Wicket-Security+1.3.1 > Looks powerful, but not sure if it works with 1.4 and if support is > going to continue. > > Wicket Security + ACEGI > http://wicketstuff.org/confluence/display/STUFFWIKI/Swarm+and+Acegi+HowTo > Not sure about this one > > Wicket Auth Roles plus Spring Security > Example: http://svn.carmanconsulting.com/public/wicket-advanced/trunk/ > Looks clean and simple, but I thought I read spring security was very > much based on the RESTfulness of things, which doesn't necessarily > work all that well with wicket. Never used it, so maybe I'm mistaken. > > Wicket in Action book > Uses a simple, but custom implementation. I would consider going with > a custom solution too if the other options don't pan out. > > Any other solutions I don't know about? I'm all ears if anyone has > recommendations for my use case. I'm leaning toward wicket security, > but am concerned about the lack of activity. > > Thanks, > Tauren > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org > For additional commands, e-mail: users-h...@wicket.apache.org > >
