| <!DOCTYPE html> |
| <html> |
| <head> |
| <title>Apache Wicket - Wicket Auth/Roles</title> |
| |
| <link rel="stylesheet" href="/css/screen.css" type="text/css" media="screen" /> |
| |
| <!--[if lt ie 7]> |
| <link rel="stylesheet" href="/css/ie.css" type="text/css" media="screen" /> |
| <![endif]--> |
| <link rel="shortcut icon" href="/favicon.ico" type="image/vnd.microsoft.icon" /> |
| <link rel="alternate" type="application/atom+xml" href="/atom.xml" /> |
| <meta http-equiv="content-type" content="text/html;charset=utf-8" /> |
| </head> |
| <body> |
| <div id="container"> |
| <div id="content"> |
| <div id="header"><a href="/"><h1 id="logo"><span>Apache Wicket</span></h1></a></div> |
| |
| <div id="contentbody"> |
| <h1>Wicket Auth/Roles</h1> |
| <p>This is mostly a technology demonstration implementing authorization and |
| authentication for the Apache Wicket web framework. The project supplies |
| role-based authorization and some simple authentication components.</p> |
| |
| <h2 id="contents">Contents</h2> |
| |
| <ul> |
| <li><a href="#introduction">Introduction</a></li> |
| <li><a href="#example">Example</a></li> |
| <li><a href="#installing">Installing</a></li> |
| </ul> |
| |
| <h2 id="introduction">Introduction</h2> |
| |
| <p>Wicket Auth/Roles is a simplistic but useful security extension to the Wicket |
| framework. It is intended to be simplistic and not to be confused with a |
| framework. If you find this library useful, great. If you need more than is |
| supplied by this library, either look at <a href="#alternatives">alternative security |
| integrations</a> or copy these classes and modify them at will |
| (this project <strong>is</strong> <a href="http://www.apache.org/licenses/">open source</a> after |
| all.)</p> |
| |
| <p>Like most if not all security solutions for Wicket, this project provides an |
| implementation for Wicket’s <code>IAuthorizationStrategy</code>. When an authorization |
| strategy is installed in the security settings |
| (<code>WebApplication#getSecuritySettings</code>), Wicket will check for each component |
| (including pages) if instantiation is allowed and if rendering is allowed.</p> |
| |
| <p>For more documentation use the following links:</p> |
| |
| <ul> |
| <li><a href="http://wicket.apache.org/apidocs/1.5/org/apache/wicket/authentication/package-summary.html">Authentication API</a></li> |
| <li><a href="http://wicket.apache.org/apidocs/1.5/org/apache/wicket/authorization/package-summary.html">Authorization API</a></li> |
| </ul> |
| |
| <p>Note that for the instantiation check Wicket will invoke the constructor |
| hierarchy of your component, but will throw an exception if the authorization |
| check fails.</p> |
| |
| <h3 id="authentication">Authentication</h3> |
| |
| <p>As a basis, you should extend your web application class from |
| <code>AuthenticatedWebApplication</code>. When you create your class you’ll be asked to |
| override the following methods:</p> |
| |
| <ul> |
| <li><code>newSession</code> - return a subclass of <code>AuthenticatedWebSession</code></li> |
| <li><code>getSignInPageClass</code> - return the class for your login page (this one should |
| not require authentication, otherwise you’ll create an infinite loop)</li> |
| </ul> |
| |
| <p>Next you’ll need to provide your custom session class, making it a subclass of |
| <code>AuthenticatedWebSession</code>. This class requires you to override the following |
| methods:</p> |
| |
| <ul> |
| <li><code>authenticate</code> - called when the user needs to be authenticated using a |
| username and password</li> |
| <li><code>getRoles</code> - called after the user was authenticated and should provide the |
| roles associated with the authenticated user.</li> |
| </ul> |
| |
| <p>You can use the provided <code>SignInPage</code>, which has been translated to a couple |
| of languages (see the source code for the actual translations), or roll your |
| own. When you roll your own, you can opt to use the provided <code>SignInPanel</code> |
| (which has been translated as well) so you don’t have to create your own login |
| form.</p> |
| |
| <h3 id="authorization">Authorization</h3> |
| |
| <p>The <code>@AuthorizeInstantiation</code> annotation configures which roles are |
| allowed to instantiate the annotated component or package. It can be applied to |
| classes and packages, and is used like this:</p> |
| |
| <div class="highlight"><pre><code class="language-java" data-lang="java"><span class="c1">// only users with role ADMIN are allowed to create instances of this page,</span> |
| <span class="c1">// whether it is bookmarkable or not</span> |
| <span class="nd">@AuthorizeInstantiation</span><span class="o">(</span><span class="s">"ADMIN"</span><span class="o">)</span> |
| <span class="kd">public</span> <span class="kd">class</span> <span class="nc">AdminAnnotationsBookmarkablePage</span> <span class="kd">extends</span> <span class="n">WebPage</span> <span class="o">{</span> |
| <span class="o">}</span></code></pre></div> |
| |
| <p>When someone who doesn’t have the role ADMIN requests this page, Wicket will |
| not allow the page to be fully constructed and will throw an authorization |
| exception during the construction of the page. This results in an access denied |
| page for the user.</p> |
| |
| <p>Enabling the annotations for role-based authorization is done by setting the |
| authorization strategy in <code>WebApplication#getSecuritySettings</code> to an |
| <code>AnnotationsRoleAuthorizationStrategy</code>. Then you can use the authorization |
| annotations provided by auth/roles.</p> |
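| <p>The authentication and authorization pieces described above, wired together for Wicket 6.x. This is an added example, not code from the Wicket project: <code>DemoApplication</code>, <code>DemoSession</code>, <code>HomePage</code> and the demo credentials are constructed for illustration. In 6.x the session class is supplied through <code>getWebSessionClass</code>, which the inherited <code>newSession</code> instantiates, and <code>AuthenticatedWebApplication</code> installs its role authorization strategy during <code>init()</code>.</p> |

```java
// Added example (not Wicket project code); targets wicket-auth-roles 6.x, Java 7+.
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import org.apache.wicket.Page;
import org.apache.wicket.authroles.authentication.AbstractAuthenticatedWebSession;
import org.apache.wicket.authroles.authentication.AuthenticatedWebApplication;
import org.apache.wicket.authroles.authentication.AuthenticatedWebSession;
import org.apache.wicket.authroles.authentication.pages.SignInPage;
import org.apache.wicket.authroles.authorization.strategies.role.Roles;
import org.apache.wicket.authroles.authorization.strategies.role.annotations.AuthorizeInstantiation;
import org.apache.wicket.markup.html.WebPage;
import org.apache.wicket.request.Request;

public class DemoApplication extends AuthenticatedWebApplication {
    @Override
    public Class<? extends Page> getHomePage() { return HomePage.class; }

    @Override // the inherited newSession() creates an instance of this class
    protected Class<? extends AbstractAuthenticatedWebSession> getWebSessionClass() {
        return DemoSession.class;
    }

    @Override // the sign-in page itself carries no @AuthorizeInstantiation
    protected Class<? extends WebPage> getSignInPageClass() { return SignInPage.class; }

    @AuthorizeInstantiation(Roles.ADMIN) // hypothetical page; needs its own markup file
    public static class HomePage extends WebPage { }

    public static class DemoSession extends AuthenticatedWebSession {
        private boolean admin; // set only by authenticate()
        public DemoSession(Request request) { super(request); }

        @Override
        public boolean authenticate(String username, String password) {
            // Constructed demo account; verify a salted password hash from your user store here.
            admin = same(username, "demo-admin") & same(password, "constructed-demo-secret");
            return admin;
        }

        @Override // anonymous or signed-out sessions get no roles at all
        public Roles getRoles() {
            return isSignedIn() && admin ? new Roles(Roles.ADMIN) : new Roles();
        }

        private static boolean same(String given, String expected) { // constant-time compare
            byte[] a = String.valueOf(given).getBytes(StandardCharsets.UTF_8);
            return MessageDigest.isEqual(a, expected.getBytes(StandardCharsets.UTF_8));
        }
    }
}
```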
| |
| <h3 id="alternatives">Alternatives</h3> |
| |
| <p>More elaborate security solutions exist in the following projects:</p> |
| |
| <ul> |
| <li><a href="https://github.com/wicketstuff/core/tree/core-1.5.x/jdk-1.5-parent/shiro-security">Wicket Shiro</a> - |
| integration between Apache Shiro and Wicket</li> |
| <li><a href="https://github.com/wicketstuff/core/tree/core-1.5.x/jdk-1.5-parent/wicket-security-parent">Wicket Security</a> - |
| JAAS inspired, principal based security framework</li> |
| </ul> |
| |
| <p>If other security solutions are available for Wicket, <a href="https://issues.apache.org/jira/browse/WICKET">let us |
| know</a>.</p> |
| |
| <h2 id="example">Example</h2> |
| |
| <p>The Wicket Examples project contains a <a href="http://wicket-library.com/wicket-examples/authorization">complete |
| example</a> of limiting access to pages and components using role-based |
| authorization. It also contains an |
| <a href="http://wicket-library.com/wicket-examples/authentication">authentication |
| example</a>.</p> |
| |
| <p>Click on the source links to see the related source code.</p> |
| |
| <h2 id="installing">Installing</h2> |
| |
| <p>Installing Wicket Auth/Roles can be done by adding a dependency to your |
| project’s Maven pom, or by putting the wicket-auth-roles.jar and the required |
| dependencies on your project’s classpath.</p> |
| |
| <h3 id="using-maven">Using Maven</h3> |
| |
| <p>Add the following dependency to your pom:</p> |
| |
| <div class="highlight"><pre><code class="language-xml" data-lang="xml"><span class="nt">&lt;dependency&gt;</span> |
|     <span class="nt">&lt;groupId&gt;</span>org.apache.wicket<span class="nt">&lt;/groupId&gt;</span> |
|     <span class="nt">&lt;artifactId&gt;</span>wicket-auth-roles<span class="nt">&lt;/artifactId&gt;</span> |
|     <span class="nt">&lt;version&gt;</span>6.20.0<span class="nt">&lt;/version&gt;</span> |
| <span class="nt">&lt;/dependency&gt;</span></code></pre></div> |
| |
| <h3 id="required-dependencies">Required dependencies</h3> |
| |
| <p>Wicket Auth/Roles requires the following jar files to be on your classpath:</p> |
| |
| <ul> |
| <li>Wicket</li> |
| <li>Wicket Auth/Roles</li> |
| </ul> |
| |
| |
| </div> |
| <div id="clearer"></div> |
| <div id="footer"><span> |
| Copyright © 2015 — The Apache Software Foundation. Apache Wicket, |
| Wicket, Apache, the Apache feather logo, and the Apache Wicket project logo |
| are trademarks of The Apache Software Foundation. All other marks mentioned |
| may be trademarks or registered trademarks of their respective owners. |
| </span></div> |
| |
| </div> |
| </div> |
| </body> |
| </html> |