intercept security check in wicket-auth-roles
|
View:
New views
9 Messages
—
Rating Filter:
Alert me
|
 |
intercept security check in wicket-auth-roles
by Brill Pappin
::
Rate this Message:
I'm trying to integrate wicket-auth-roles with a token based SSO
security system. I can't see where I can intercept the authentication sequence and "auto-login" the user based on the token. Essentially i want to catch the authentication request and authorize the user based on a token before they are redirected to the login page. Does anyone have a clue how I might go about doing that? Unfortunately most places I've looked to over ride the sequence are marked final for some reason, which makes things difficult. I'm actually at the point now where I'm thinking of writing a new auth- roles based on the current lib, but I thought I'd ask first. ... and no, I don't want to use the other more complex security lib... auth-roles is very nice and simple to use and suitable for most applications. - Brill Pappin --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@... For additional commands, e-mail: users-help@... |
|
|
Re: intercept security check in wicket-auth-roles
by fstof
::
Rate this Message:
Any luck with this?
I'm looking to do the same thing, but how>
|
|
|
Re: intercept security check in wicket-auth-roles
by igor.vaynberg
::
Rate this Message:
wicket auth roles is an example, not a reusable framework. you should
copy and paste the code into your project and customize as needed. -igor On Fri, Feb 20, 2009 at 8:30 AM, Brill Pappin<brill@...> wrote: > I'm trying to integrate wicket-auth-roles with a token based SSO security > system. > > I can't see where I can intercept the authentication sequence and > "auto-login" the user based on the token. > Essentially i want to catch the authentication request and authorize the > user based on a token before they are redirected to the login page. > > Does anyone have a clue how I might go about doing that? > > Unfortunately most places I've looked to over ride the sequence are marked > final for some reason, which makes things difficult. I'm actually at the > point now where I'm thinking of writing a new auth-roles based on the > current lib, but I thought I'd ask first. > > ... and no, I don't want to use the other more complex security lib... > auth-roles is very nice and simple to use and suitable for most > applications. > > - Brill Pappin > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@... > For additional commands, e-mail: users-help@... > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@... For additional commands, e-mail: users-help@... |
|
|
Re: intercept security check in wicket-auth-roles
by Brill Pappin
::
Rate this Message:
I actually took the wicket-auth-roles and rolled a custom solution.
I'd put it up but never went back to make sure it was properly tested for distribution :) - brill On 3-Jul-09, at 6:28 AM, fstof wrote: > > Any luck with this? > I'm looking to do the same thing, but how> > > > Brill Pappin wrote: >> >> I'm trying to integrate wicket-auth-roles with a token based SSO >> security system. >> >> I can't see where I can intercept the authentication sequence and >> "auto-login" the user based on the token. >> Essentially i want to catch the authentication request and authorize >> the user based on a token before they are redirected to the login >> page. >> >> Does anyone have a clue how I might go about doing that? >> >> Unfortunately most places I've looked to over ride the sequence are >> marked final for some reason, which makes things difficult. I'm >> actually at the point now where I'm thinking of writing a new auth- >> roles based on the current lib, but I thought I'd ask first. >> >> ... and no, I don't want to use the other more complex security >> lib... >> auth-roles is very nice and simple to use and suitable for most >> applications. >> >> - Brill Pappin >> >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscribe@... >> For additional commands, e-mail: users-help@... >> >> >> > > -- > View this message in context: http://www.nabble.com/intercept-security-check-in-wicket-auth-roles-tp22122773p24320938.html > Sent from the Wicket - User mailing list archive at Nabble.com. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@... > For additional commands, e-mail: users-help@... > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@... For additional commands, e-mail: users-help@... |
|
|
Re: intercept security check in wicket-auth-roles
by Brill Pappin
::
Rate this Message:
I actually find it very usable and i love how simple it is...
does the new security framework have a similar simple method of securing a site like that? - Brill On 3-Jul-09, at 11:34 AM, Igor Vaynberg wrote: > wicket auth roles is an example, not a reusable framework. you should > copy and paste the code into your project and customize as needed. > > -igor > > On Fri, Feb 20, 2009 at 8:30 AM, Brill Pappin<brill@...> wrote: >> I'm trying to integrate wicket-auth-roles with a token based SSO >> security >> system. >> >> I can't see where I can intercept the authentication sequence and >> "auto-login" the user based on the token. >> Essentially i want to catch the authentication request and >> authorize the >> user based on a token before they are redirected to the login page. >> >> Does anyone have a clue how I might go about doing that? >> >> Unfortunately most places I've looked to over ride the sequence are >> marked >> final for some reason, which makes things difficult. I'm actually >> at the >> point now where I'm thinking of writing a new auth-roles based on the >> current lib, but I thought I'd ask first. >> >> ... and no, I don't want to use the other more complex security >> lib... >> auth-roles is very nice and simple to use and suitable for most >> applications. >> >> - Brill Pappin >> >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscribe@... >> For additional commands, e-mail: users-help@... >> >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@... > For additional commands, e-mail: users-help@... > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@... For additional commands, e-mail: users-help@... |
|
|
Re: intercept security check in wicket-auth-roles
by Olger Warnier-2
::
Rate this Message:
The wicket-security framework has possibilities to integrate with SSO
mechanisms. Next to that, you can integrate with spring-security and all authentication mechanisms supported by that. The yahoo-bbauth sample may help you to get an idea on how that works. Olger On 11 jul 2009, at 08:09, Brill Pappin wrote: > I actually find it very usable and i love how simple it is... > does the new security framework have a similar simple method of > securing a site like that? > > - Brill > > On 3-Jul-09, at 11:34 AM, Igor Vaynberg wrote: > >> wicket auth roles is an example, not a reusable framework. you should >> copy and paste the code into your project and customize as needed. >> >> -igor >> >> On Fri, Feb 20, 2009 at 8:30 AM, Brill Pappin<brill@...> wrote: >>> I'm trying to integrate wicket-auth-roles with a token based SSO >>> security >>> system. >>> >>> I can't see where I can intercept the authentication sequence and >>> "auto-login" the user based on the token. >>> Essentially i want to catch the authentication request and >>> authorize the >>> user based on a token before they are redirected to the login page. >>> >>> Does anyone have a clue how I might go about doing that? >>> >>> Unfortunately most places I've looked to over ride the sequence >>> are marked >>> final for some reason, which makes things difficult. I'm actually >>> at the >>> point now where I'm thinking of writing a new auth-roles based on >>> the >>> current lib, but I thought I'd ask first. >>> >>> ... and no, I don't want to use the other more complex security >>> lib... >>> auth-roles is very nice and simple to use and suitable for most >>> applications. >>> >>> - Brill Pappin >>> >>> >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: users-unsubscribe@... >>> For additional commands, e-mail: users-help@... >>> >>> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscribe@... >> For additional commands, e-mail: users-help@... >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@... > For additional commands, e-mail: users-help@... > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@... For additional commands, e-mail: users-help@... |
|
|
Re: intercept security check in wicket-auth-roles
by Brill Pappin
::
Rate this Message:
Thanks for the heads up.
I'll have to look at the security project again, but one thing I really like about auth-roles is that is so amazingly simply to deploy... however, I don't use spring (I'm a detractors of frameworks that use metadata where code should be) so I don't think its going to be any use to me here. - Brill On 11-Jul-09, at 3:47 AM, Olger Warnier wrote: > The wicket-security framework has possibilities to integrate with > SSO mechanisms. Next to that, you can integrate with spring-security > and all authentication mechanisms supported by that. > The yahoo-bbauth sample may help you to get an idea on how that works. > > Olger > > On 11 jul 2009, at 08:09, Brill Pappin wrote: > >> I actually find it very usable and i love how simple it is... >> does the new security framework have a similar simple method of >> securing a site like that? >> >> - Brill >> >> On 3-Jul-09, at 11:34 AM, Igor Vaynberg wrote: >> >>> wicket auth roles is an example, not a reusable framework. you >>> should >>> copy and paste the code into your project and customize as needed. >>> >>> -igor >>> >>> On Fri, Feb 20, 2009 at 8:30 AM, Brill Pappin<brill@...> >>> wrote: >>>> I'm trying to integrate wicket-auth-roles with a token based SSO >>>> security >>>> system. >>>> >>>> I can't see where I can intercept the authentication sequence and >>>> "auto-login" the user based on the token. >>>> Essentially i want to catch the authentication request and >>>> authorize the >>>> user based on a token before they are redirected to the login page. >>>> >>>> Does anyone have a clue how I might go about doing that? >>>> >>>> Unfortunately most places I've looked to over ride the sequence >>>> are marked >>>> final for some reason, which makes things difficult. I'm actually >>>> at the >>>> point now where I'm thinking of writing a new auth-roles based on >>>> the >>>> current lib, but I thought I'd ask first. >>>> >>>> ... and no, I don't want to use the other more complex security >>>> lib... >>>> auth-roles is very nice and simple to use and suitable for most >>>> applications. >>>> >>>> - Brill Pappin >>>> >>>> >>>> >>>> >>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: users-unsubscribe@... >>>> For additional commands, e-mail: users-help@... >>>> >>>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: users-unsubscribe@... >>> For additional commands, e-mail: users-help@... >>> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscribe@... >> For additional commands, e-mail: users-help@... >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@... > For additional commands, e-mail: users-help@... > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@... For additional commands, e-mail: users-help@... |
|
|
Re: intercept security check in wicket-auth-roles
by Erik van Oosten
::
Rate this Message:
You don't have to use the spring xml config files to use Sprint
Security. Just instantiate the beans from code! There is a small catch, you'll need to know something about Spring callbacks. These are some interface that Spring will automatically call. These are: InitializingBean, BeanNameAware, BeanFactoryAware and ApplicationContextAware. Hopefully Spring Security does not depend on them. But there are other options like jsecurity and lots of options on http://wicketstuff.org/confluence/display/STUFFWIKI/Wiki. Regards, Erik. Brill Pappin wrote: > Thanks for the heads up. > > I'll have to look at the security project again, but one thing I > really like about auth-roles is that is so amazingly simply to > deploy... however, I don't use spring (I'm a detractors of frameworks > that use metadata where code should be) so I don't think its going to > be any use to me here. > > - Brill > > > > On 11-Jul-09, at 3:47 AM, Olger Warnier wrote: > >> The wicket-security framework has possibilities to integrate with SSO >> mechanisms. Next to that, you can integrate with spring-security and >> all authentication mechanisms supported by that. >> The yahoo-bbauth sample may help you to get an idea on how that works. >> >> Olger >> >> On 11 jul 2009, at 08:09, Brill Pappin wrote: >> >>> I actually find it very usable and i love how simple it is... >>> does the new security framework have a similar simple method of >>> securing a site like that? >>> >>> - Brill >>> >>> On 3-Jul-09, at 11:34 AM, Igor Vaynberg wrote: >>> >>>> wicket auth roles is an example, not a reusable framework. you should >>>> copy and paste the code into your project and customize as needed. >>>> >>>> -igor >>>> >>>> On Fri, Feb 20, 2009 at 8:30 AM, Brill Pappin<brill@...> wrote: >>>>> I'm trying to integrate wicket-auth-roles with a token based SSO >>>>> security >>>>> system. >>>>> >>>>> I can't see where I can intercept the authentication sequence and >>>>> "auto-login" the user based on the token. >>>>> Essentially i want to catch the authentication request and >>>>> authorize the >>>>> user based on a token before they are redirected to the login page. >>>>> >>>>> Does anyone have a clue how I might go about doing that? >>>>> >>>>> Unfortunately most places I've looked to over ride the sequence >>>>> are marked >>>>> final for some reason, which makes things difficult. I'm actually >>>>> at the >>>>> point now where I'm thinking of writing a new auth-roles based on the >>>>> current lib, but I thought I'd ask first. >>>>> >>>>> ... and no, I don't want to use the other more complex security >>>>> lib... >>>>> auth-roles is very nice and simple to use and suitable for most >>>>> applications. >>>>> >>>>> - Brill Pappin >>>>> >>>>> >>>>> >>>>> >>>>> --------------------------------------------------------------------- >>>>> To unsubscribe, e-mail: users-unsubscribe@... >>>>> For additional commands, e-mail: users-help@... >>>>> >>>>> >>>> >>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: users-unsubscribe@... >>>> For additional commands, e-mail: users-help@... >>>> >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: users-unsubscribe@... >>> For additional commands, e-mail: users-help@... >>> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscribe@... >> For additional commands, e-mail: users-help@... >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@... > For additional commands, e-mail: users-help@... > -- Erik van Oosten http://day-to-day-stuff.blogspot.com/ --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@... For additional commands, e-mail: users-help@... |
|
|
Re: intercept security check in wicket-auth-roles
by Les Hazlewood
::
Rate this Message:
JSecurity has been renamed to Apache Shiro and is referenced in the linked
page as 'wicket-shiro'. Cheers, Les On Mon, Jul 13, 2009 at 3:41 AM, Erik van Oosten <e.vanoosten@...>wrote: > You don't have to use the spring xml config files to use Sprint Security. > Just instantiate the beans from code! > > There is a small catch, you'll need to know something about Spring > callbacks. These are some interface that Spring will automatically call. > These are: InitializingBean, BeanNameAware, BeanFactoryAware and > ApplicationContextAware. Hopefully Spring Security does not depend on them. > > But there are other options like jsecurity and lots of options on > http://wicketstuff.org/confluence/display/STUFFWIKI/Wiki. > > Regards, > Erik. > > > > Brill Pappin wrote: > >> Thanks for the heads up. >> >> I'll have to look at the security project again, but one thing I really >> like about auth-roles is that is so amazingly simply to deploy... however, I >> don't use spring (I'm a detractors of frameworks that use metadata where >> code should be) so I don't think its going to be any use to me here. >> >> - Brill >> >> >> >> On 11-Jul-09, at 3:47 AM, Olger Warnier wrote: >> >> The wicket-security framework has possibilities to integrate with SSO >>> mechanisms. Next to that, you can integrate with spring-security and all >>> authentication mechanisms supported by that. >>> The yahoo-bbauth sample may help you to get an idea on how that works. >>> >>> Olger >>> >>> On 11 jul 2009, at 08:09, Brill Pappin wrote: >>> >>> I actually find it very usable and i love how simple it is... >>>> does the new security framework have a similar simple method of securing >>>> a site like that? >>>> >>>> - Brill >>>> >>>> On 3-Jul-09, at 11:34 AM, Igor Vaynberg wrote: >>>> >>>> wicket auth roles is an example, not a reusable framework. you should >>>>> copy and paste the code into your project and customize as needed. >>>>> >>>>> -igor >>>>> >>>>> On Fri, Feb 20, 2009 at 8:30 AM, Brill Pappin<brill@...> wrote: >>>>> >>>>>> I'm trying to integrate wicket-auth-roles with a token based SSO >>>>>> security >>>>>> system. >>>>>> >>>>>> I can't see where I can intercept the authentication sequence and >>>>>> "auto-login" the user based on the token. >>>>>> Essentially i want to catch the authentication request and authorize >>>>>> the >>>>>> user based on a token before they are redirected to the login page. >>>>>> >>>>>> Does anyone have a clue how I might go about doing that? >>>>>> >>>>>> Unfortunately most places I've looked to over ride the sequence are >>>>>> marked >>>>>> final for some reason, which makes things difficult. I'm actually at >>>>>> the >>>>>> point now where I'm thinking of writing a new auth-roles based on the >>>>>> current lib, but I thought I'd ask first. >>>>>> >>>>>> ... and no, I don't want to use the other more complex security lib... >>>>>> auth-roles is very nice and simple to use and suitable for most >>>>>> applications. >>>>>> >>>>>> - Brill Pappin >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> --------------------------------------------------------------------- >>>>>> To unsubscribe, e-mail: users-unsubscribe@... >>>>>> For additional commands, e-mail: users-help@... >>>>>> >>>>>> >>>>>> >>>>> --------------------------------------------------------------------- >>>>> To unsubscribe, e-mail: users-unsubscribe@... >>>>> For additional commands, e-mail: users-help@... >>>>> >>>>> >>>> >>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: users-unsubscribe@... >>>> For additional commands, e-mail: users-help@... >>>> >>>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: users-unsubscribe@... >>> For additional commands, e-mail: users-help@... >>> >>> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscribe@... >> For additional commands, e-mail: users-help@... >> >> > -- > > Erik van Oosten > http://day-to-day-stuff.blogspot.com/ > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@... > For additional commands, e-mail: users-help@... > > |
| Free embeddable forum powered by Nabble | Forum Help |
