...
In order to weave the extended session into you your Wicket application, your application should extend Wicket-auth-roles's Authenticated AuthenticatedWebApplication. (See method getWebSessionClass
below.) The other function of the appliction instance is to configure which components need authentication. There are 2 ways to do so. This example runs on Java 1.4 and therefore you can only use the {MetaDataRoleAuthorizationStrategy}}. If you are running on Java 5 or higher, you can also use the annotations based approach. Look at the source code in Wicket-auth-roles-example for inspiration.
...