THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
Component level Authorization
This example demonstrates the powerful component level authorization available in Wicket.
Lets say you have tag interface AdminComponent
. All your admin components implement this interface.
all you have to do is
public class MyAuthStrat implements IAuthorizationStrategy { boolean isInstantioantionAuthorizer() { return true; } boolean isActionAuthorized(Component c, Action action) { if (c instanceof AdminComponent) { if (action.equals(Component.RENDER)||action.equals(Component.ENABLE)) { User user= Session.get().getUser(); return user != null && user.isadmin(); } } } }
and in your application class:
myapplication.init() { getSecuritySettings().setAuthorizationStrategy(new myAuthAtrat()); }
What these few lines of code do is give you an application wide security. Any component that implements AdminComponent
interface will now only be rendered and enabled for admin users.