> >> I'm migrating an existing Struts app to Wicket and > >> have now reached the point where I have to add > >> authentication/authorization to it. In the Struts app I used > >> Acegi to add URL-based security. Ideally I'd re-use my existing > >> Acegi config for Wicket but I can't find any documentation on > >> how to do this. The 'Wicket way' of authentication is mentioned > >> on the Wiki somewhere but details are missing. What's the best > >> way to add simple role-based security to a Wicket app? > >> > > > > You can just add acegi filter in web.xml before wicket servlet, > > can't you? Going the "Wicket way" is not strictly necessary, I do > > it like this without integrating with Wicket authentication > > facilities. > > > I thought about that too but then I still have to drag in some JSP's for > the login page and somehow > integrate Acegi's authz taglib for conditional content. Not that it's a > big deal but it literally all feels > a bit mixed, I prefer to keep it pure.
For the pure approach, definitively check out wicket-auth. I haven't looked at Maurice's project - it might be much better - but looking at wicket-auth will help you understand how Wicket's build in authorization mechanism works. Eelco ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user