« Return to Thread: intercept security check in wicket-auth-roles
Re: intercept security check in wicket-auth-roles
by Erik van Oosten
::
Rate this Message:
You don't have to use the spring xml config files to use Sprint
Security. Just instantiate the beans from code!
There is a small catch, you'll need to know something about Spring
callbacks. These are some interface that Spring will automatically call.
These are: InitializingBean, BeanNameAware, BeanFactoryAware and
ApplicationContextAware. Hopefully Spring Security does not depend on them.
But there are other options like jsecurity and lots of options on
http://wicketstuff.org/confluence/display/STUFFWIKI/Wiki.
Regards,
Erik.
Brill Pappin wrote:
> Thanks for the heads up.
>
> I'll have to look at the security project again, but one thing I
> really like about auth-roles is that is so amazingly simply to
> deploy... however, I don't use spring (I'm a detractors of frameworks
> that use metadata where code should be) so I don't think its going to
> be any use to me here.
>
> - Brill
>
>
>
> On 11-Jul-09, at 3:47 AM, Olger Warnier wrote:
>
>> The wicket-security framework has possibilities to integrate with SSO
>> mechanisms. Next to that, you can integrate with spring-security and
>> all authentication mechanisms supported by that.
>> The yahoo-bbauth sample may help you to get an idea on how that works.
>>
>> Olger
>>
>> On 11 jul 2009, at 08:09, Brill Pappin wrote:
>>
>>> I actually find it very usable and i love how simple it is...
>>> does the new security framework have a similar simple method of
>>> securing a site like that?
>>>
>>> - Brill
>>>
>>> On 3-Jul-09, at 11:34 AM, Igor Vaynberg wrote:
>>>
>>>> wicket auth roles is an example, not a reusable framework. you should
>>>> copy and paste the code into your project and customize as needed.
>>>>
>>>> -igor
>>>>
>>>> On Fri, Feb 20, 2009 at 8:30 AM, Brill Pappin<brill@...> wrote:
>>>>> I'm trying to integrate wicket-auth-roles with a token based SSO
>>>>> security
>>>>> system.
>>>>>
>>>>> I can't see where I can intercept the authentication sequence and
>>>>> "auto-login" the user based on the token.
>>>>> Essentially i want to catch the authentication request and
>>>>> authorize the
>>>>> user based on a token before they are redirected to the login page.
>>>>>
>>>>> Does anyone have a clue how I might go about doing that?
>>>>>
>>>>> Unfortunately most places I've looked to over ride the sequence
>>>>> are marked
>>>>> final for some reason, which makes things difficult. I'm actually
>>>>> at the
>>>>> point now where I'm thinking of writing a new auth-roles based on the
>>>>> current lib, but I thought I'd ask first.
>>>>>
>>>>> ... and no, I don't want to use the other more complex security
>>>>> lib...
>>>>> auth-roles is very nice and simple to use and suitable for most
>>>>> applications.
>>>>>
>>>>> - Brill Pappin
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: users-unsubscribe@...
>>>>> For additional commands, e-mail: users-help@...
>>>>>
>>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe@...
>>>> For additional commands, e-mail: users-help@...
>>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@...
>>> For additional commands, e-mail: users-help@...
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@...
>> For additional commands, e-mail: users-help@...
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@...
> For additional commands, e-mail: users-help@...
>
--
Erik van Oosten
http://day-to-day-stuff.blogspot.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@...
For additional commands, e-mail: users-help@...
Security. Just instantiate the beans from code!
There is a small catch, you'll need to know something about Spring
callbacks. These are some interface that Spring will automatically call.
These are: InitializingBean, BeanNameAware, BeanFactoryAware and
ApplicationContextAware. Hopefully Spring Security does not depend on them.
But there are other options like jsecurity and lots of options on
http://wicketstuff.org/confluence/display/STUFFWIKI/Wiki.
Regards,
Erik.
Brill Pappin wrote:
> Thanks for the heads up.
>
> I'll have to look at the security project again, but one thing I
> really like about auth-roles is that is so amazingly simply to
> deploy... however, I don't use spring (I'm a detractors of frameworks
> that use metadata where code should be) so I don't think its going to
> be any use to me here.
>
> - Brill
>
>
>
> On 11-Jul-09, at 3:47 AM, Olger Warnier wrote:
>
>> The wicket-security framework has possibilities to integrate with SSO
>> mechanisms. Next to that, you can integrate with spring-security and
>> all authentication mechanisms supported by that.
>> The yahoo-bbauth sample may help you to get an idea on how that works.
>>
>> Olger
>>
>> On 11 jul 2009, at 08:09, Brill Pappin wrote:
>>
>>> I actually find it very usable and i love how simple it is...
>>> does the new security framework have a similar simple method of
>>> securing a site like that?
>>>
>>> - Brill
>>>
>>> On 3-Jul-09, at 11:34 AM, Igor Vaynberg wrote:
>>>
>>>> wicket auth roles is an example, not a reusable framework. you should
>>>> copy and paste the code into your project and customize as needed.
>>>>
>>>> -igor
>>>>
>>>> On Fri, Feb 20, 2009 at 8:30 AM, Brill Pappin<brill@...> wrote:
>>>>> I'm trying to integrate wicket-auth-roles with a token based SSO
>>>>> security
>>>>> system.
>>>>>
>>>>> I can't see where I can intercept the authentication sequence and
>>>>> "auto-login" the user based on the token.
>>>>> Essentially i want to catch the authentication request and
>>>>> authorize the
>>>>> user based on a token before they are redirected to the login page.
>>>>>
>>>>> Does anyone have a clue how I might go about doing that?
>>>>>
>>>>> Unfortunately most places I've looked to over ride the sequence
>>>>> are marked
>>>>> final for some reason, which makes things difficult. I'm actually
>>>>> at the
>>>>> point now where I'm thinking of writing a new auth-roles based on the
>>>>> current lib, but I thought I'd ask first.
>>>>>
>>>>> ... and no, I don't want to use the other more complex security
>>>>> lib...
>>>>> auth-roles is very nice and simple to use and suitable for most
>>>>> applications.
>>>>>
>>>>> - Brill Pappin
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: users-unsubscribe@...
>>>>> For additional commands, e-mail: users-help@...
>>>>>
>>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscribe@...
>>>> For additional commands, e-mail: users-help@...
>>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscribe@...
>>> For additional commands, e-mail: users-help@...
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@...
>> For additional commands, e-mail: users-help@...
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@...
> For additional commands, e-mail: users-help@...
>
--
Erik van Oosten
http://day-to-day-stuff.blogspot.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@...
For additional commands, e-mail: users-help@...
« Return to Thread: intercept security check in wicket-auth-roles
| Free embeddable forum powered by Nabble | Forum Help |
