You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@wicket.apache.org by Shawn McKinney <mc...@att.net> on 2013/09/09 04:58:25 UTC

Securing Wicket 6.x Applications with Java EE, Spring & Jetty

Hello,

I am a new subscriber to the Wicket users list but have been using the 
Wicket framework for about 3 years.

Recently I published an article documenting an approach my company uses 
to secure Wicket applications.  It uses a combination of Java EE 
container security, Spring security and a few custom wicket components 
(for controlling view of component by role and permission).

http://iamfortress.org/WicketSecurity

There is also a sample Wicket application using these controls on GIT Hub.

https://github.com/shawnmckinney/wicketsecurity

I plan on publishing another document later that goes beyond the simple 
Jetty security provider by introducing policy enforcement mechanisms 
more suitable for production.

Comments are welcome.

Regards,

Shawn

Re: Securing Wicket 6.x Applications with Java EE, Spring & Jetty

Posted by Shawn McKinney <mc...@att.net>.

On 09/09/2013 01:21 AM, Martin Grigorov wrote:
> Thank you very much for sharing your knowledge with us, Shawn!
> Please let us know when you publish the second document.

My pleasure Martin.  I've been using this forum and it's time for me to 
contribute something.  Hope it helps.

Shawn

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org

Re: Securing Wicket 6.x Applications with Java EE, Spring & Jetty

Posted by Martin Grigorov <mg...@apache.org>.

Thank you very much for sharing your knowledge with us, Shawn!
Please let us know when you publish the second document.


On Mon, Sep 9, 2013 at 5:58 AM, Shawn McKinney <mc...@att.net>wrote:

> Hello,
>
> I am a new subscriber to the Wicket users list but have been using the
> Wicket framework for about 3 years.
>
> Recently I published an article documenting an approach my company uses to
> secure Wicket applications.  It uses a combination of Java EE container
> security, Spring security and a few custom wicket components (for
> controlling view of component by role and permission).
>
> http://iamfortress.org/**WicketSecurity<http://iamfortress.org/WicketSecurity>
>
> There is also a sample Wicket application using these controls on GIT Hub.
>
> https://github.com/**shawnmckinney/wicketsecurity<https://github.com/shawnmckinney/wicketsecurity>
>
> I plan on publishing another document later that goes beyond the simple
> Jetty security provider by introducing policy enforcement mechanisms more
> suitable for production.
>
> Comments are welcome.
>
> Regards,
>
> Shawn
>
>
>