You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@wicket.apache.org by Martin Makundi <ma...@koodaripalvelut.com> on 2010/07/15 16:26:12 UTC
How to prevent rendering of unauthorized components?
Hi!
I would like to avoid this error, to prevent the render alltogether.
How can I do that?
2010-07-15 17:15:52,117 75919560 [24056245@qtp-13963314-568] ERROR
RequestCycle - Component [Page class =
com.mycompany.application.view.application.MainPage, id = 0, version =
3, ajax = 1] does not permit action RENDER
org.apache.wicket.authorization.UnauthorizedActionException: Component
[Page class = com.mycompany.application.view.application.MainPage, id
= 0, version = 3, ajax = 1] does not permit action RENDER
at org.apache.wicket.Page.renderPage(Page.java:876)
at org.apache.wicket.request.target.component.PageRequestTarget.respond(PageRequestTarget.java:63)
at org.apache.wicket.request.AbstractRequestCycleProcessor.respond(AbstractRequestCycleProcessor.java:105)
at org.apache.wicket.RequestCycle.processEventsAndRespond(RequestCycle.java:1258)
at org.apache.wicket.RequestCycle.step(RequestCycle.java:1329)
**
Martin
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: How to prevent rendering of unauthorized components?
Posted by Martin Makundi <ma...@koodaripalvelut.com>.
I am not rendering the page.. wicket is. Probably user has bookmarked
a page and logged off and tries to log in again using the bookmark...
or something. Really quite strange and I think wicket should take care
of it transparently without exception.
**
Martin
2010/7/19 Pedro Santos <pe...@gmail.com>:
> Hi Martin, I'm suspect answering this question, because I like the current
> design that treat authorization restriction as an exception. You can
> override the logRuntimeException method on your app RequestCycle and
> implement rules to hide the authorization exception from the log.
> About to have an clean redirect to login, it would to be possible if you
> know that the page will to have some restriction before you start render it.
>
> AbstractRequestCycleProcessor
>
> On Fri, Jul 16, 2010 at 5:31 PM, Martin Makundi <
> martin.makundi@koodaripalvelut.com> wrote:
>
>> Hi!
>>
>> This is what I have:
>>
>> /**
>> * @see
>> org.apache.wicket.RequestCycle#onRuntimeException(org.apache.wicket.Page,
>> java.lang.RuntimeException)
>> */
>> @Override
>> public Page onRuntimeException(Page page, RuntimeException e) {
>> if ((e instanceof PageExpiredException) || (e instanceof
>> AuthorizationException)) {
>> return getEffectiveLoginPage();
>> } ...
>>
>> /**
>> * @see
>> org.apache.wicket.authorization.strategies.page.AbstractPageAuthorizationStrategy#isActionAuthorized(org.apache.wicket.Component,
>> org.apache.wicket.authorization.Action)
>> */
>> @Override
>> public boolean isActionAuthorized(Component component, Action action) {
>> if (instanceOf(component.getClass(), Page.class)) {
>> return isPageAuthorized(component.getClass());
>> }
>>
>> return super.isActionAuthorized(component, action);
>> }
>>
>>
>> Now the problem is that despite the above, I get the render exception
>> though I would expect that it renders login page. The exception looks
>> nasty on logs and is unnecessary because it should be a clean redirect
>> to login.
>>
>> What do you propose?
>>
>> **
>> Martin
>>
>>
>> > Hi Martin, the AuthorizationException handle mechanism that redirect
>> > response to the AccessDeniedPage is implemented at
>> > AbstractRequestCycleProcessor response method.
>> > You can set the "onunauthorizedaccess" page at the accessDeniedPage
>> property
>> > on the ApplicationSettings.
>> > I don't understand what do you mean by: avoiding the error, because you
>> can
>> > just remove the action restriction from the erroneous component.
>> >
>> > On Fri, Jul 16, 2010 at 3:06 PM, Martin Makundi <
>> > martin.makundi@koodaripalvelut.com> wrote:
>> >
>> >> Do you have an idea where the leak occurs so I can prevent this?
>> >>
>> >> **
>> >> Martin
>> >>
>> >> 2010/7/16 nino martinez wael <ni...@gmail.com>:
>> >> > I would have thought that wicket auth would pick it up and intercept
>> the
>> >> > request in the request cycle and redirect.. Aparrently the last
>> >> > bit(redirecting) are missing.. You should be able to implement this
>> >> > yourself.. I know this is vague. I'd start by looking in the source of
>> >> > wicket auth..
>> >> >
>> >> > regards Nino
>> >> >
>> >> > 2010/7/16 Martin Makundi <ma...@koodaripalvelut.com>
>> >> >
>> >> >> I get this exception.. I don't want it ;] I want wicket to serve
>> >> >> "onunauthorizedaccess" page.
>> >> >>
>> >> >> **
>> >> >> Martin
>> >> >>
>> >> >> 2010/7/16 nino martinez wael <ni...@gmail.com>:
>> >> >> > Hmm do you end up with an exception or?
>> >> >> >
>> >> >> > 2010/7/15 Martin Makundi <ma...@koodaripalvelut.com>
>> >> >> >
>> >> >> >> Hi!
>> >> >> >>
>> >> >> >> I would like to avoid this error, to prevent the render
>> alltogether.
>> >> >> >> How can I do that?
>> >> >> >>
>> >> >> >> 2010-07-15 17:15:52,117 75919560 [24056245@qtp-13963314-568]
>> ERROR
>> >> >> >> RequestCycle - Component [Page class =
>> >> >> >> com.mycompany.application.view.application.MainPage, id = 0,
>> version
>> >> =
>> >> >> >> 3, ajax = 1] does not permit action RENDER
>> >> >> >> org.apache.wicket.authorization.UnauthorizedActionException:
>> >> Component
>> >> >> >> [Page class = com.mycompany.application.view.application.MainPage,
>> id
>> >> >> >> = 0, version = 3, ajax = 1] does not permit action RENDER
>> >> >> >> at org.apache.wicket.Page.renderPage(Page.java:876)
>> >> >> >> at
>> >> >> >>
>> >> >>
>> >>
>> org.apache.wicket.request.target.component.PageRequestTarget.respond(PageRequestTarget.java:63)
>> >> >> >> at
>> >> >> >>
>> >> >>
>> >>
>> org.apache.wicket.request.AbstractRequestCycleProcessor.respond(AbstractRequestCycleProcessor.java:105)
>> >> >> >> at
>> >> >> >>
>> >> >>
>> >>
>> org.apache.wicket.RequestCycle.processEventsAndRespond(RequestCycle.java:1258)
>> >> >> >> at
>> org.apache.wicket.RequestCycle.step(RequestCycle.java:1329)
>> >> >> >>
>> >> >> >>
>> >> >> >> **
>> >> >> >> Martin
>> >> >> >>
>> >> >> >>
>> ---------------------------------------------------------------------
>> >> >> >> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
>> >> >> >> For additional commands, e-mail: users-help@wicket.apache.org
>> >> >> >>
>> >> >> >>
>> >> >> >
>> >> >>
>> >> >> ---------------------------------------------------------------------
>> >> >> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
>> >> >> For additional commands, e-mail: users-help@wicket.apache.org
>> >> >>
>> >> >>
>> >> >
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
>> >> For additional commands, e-mail: users-help@wicket.apache.org
>> >>
>> >>
>> >
>> >
>> > --
>> > Pedro Henrique Oliveira dos Santos
>> >
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
>> For additional commands, e-mail: users-help@wicket.apache.org
>>
>>
>
>
> --
> Pedro Henrique Oliveira dos Santos
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: How to prevent rendering of unauthorized components?
Posted by Pedro Santos <pe...@gmail.com>.
Hi Martin, I'm suspect answering this question, because I like the current
design that treat authorization restriction as an exception. You can
override the logRuntimeException method on your app RequestCycle and
implement rules to hide the authorization exception from the log.
About to have an clean redirect to login, it would to be possible if you
know that the page will to have some restriction before you start render it.
AbstractRequestCycleProcessor
On Fri, Jul 16, 2010 at 5:31 PM, Martin Makundi <
martin.makundi@koodaripalvelut.com> wrote:
> Hi!
>
> This is what I have:
>
> /**
> * @see
> org.apache.wicket.RequestCycle#onRuntimeException(org.apache.wicket.Page,
> java.lang.RuntimeException)
> */
> @Override
> public Page onRuntimeException(Page page, RuntimeException e) {
> if ((e instanceof PageExpiredException) || (e instanceof
> AuthorizationException)) {
> return getEffectiveLoginPage();
> } ...
>
> /**
> * @see
> org.apache.wicket.authorization.strategies.page.AbstractPageAuthorizationStrategy#isActionAuthorized(org.apache.wicket.Component,
> org.apache.wicket.authorization.Action)
> */
> @Override
> public boolean isActionAuthorized(Component component, Action action) {
> if (instanceOf(component.getClass(), Page.class)) {
> return isPageAuthorized(component.getClass());
> }
>
> return super.isActionAuthorized(component, action);
> }
>
>
> Now the problem is that despite the above, I get the render exception
> though I would expect that it renders login page. The exception looks
> nasty on logs and is unnecessary because it should be a clean redirect
> to login.
>
> What do you propose?
>
> **
> Martin
>
>
> > Hi Martin, the AuthorizationException handle mechanism that redirect
> > response to the AccessDeniedPage is implemented at
> > AbstractRequestCycleProcessor response method.
> > You can set the "onunauthorizedaccess" page at the accessDeniedPage
> property
> > on the ApplicationSettings.
> > I don't understand what do you mean by: avoiding the error, because you
> can
> > just remove the action restriction from the erroneous component.
> >
> > On Fri, Jul 16, 2010 at 3:06 PM, Martin Makundi <
> > martin.makundi@koodaripalvelut.com> wrote:
> >
> >> Do you have an idea where the leak occurs so I can prevent this?
> >>
> >> **
> >> Martin
> >>
> >> 2010/7/16 nino martinez wael <ni...@gmail.com>:
> >> > I would have thought that wicket auth would pick it up and intercept
> the
> >> > request in the request cycle and redirect.. Aparrently the last
> >> > bit(redirecting) are missing.. You should be able to implement this
> >> > yourself.. I know this is vague. I'd start by looking in the source of
> >> > wicket auth..
> >> >
> >> > regards Nino
> >> >
> >> > 2010/7/16 Martin Makundi <ma...@koodaripalvelut.com>
> >> >
> >> >> I get this exception.. I don't want it ;] I want wicket to serve
> >> >> "onunauthorizedaccess" page.
> >> >>
> >> >> **
> >> >> Martin
> >> >>
> >> >> 2010/7/16 nino martinez wael <ni...@gmail.com>:
> >> >> > Hmm do you end up with an exception or?
> >> >> >
> >> >> > 2010/7/15 Martin Makundi <ma...@koodaripalvelut.com>
> >> >> >
> >> >> >> Hi!
> >> >> >>
> >> >> >> I would like to avoid this error, to prevent the render
> alltogether.
> >> >> >> How can I do that?
> >> >> >>
> >> >> >> 2010-07-15 17:15:52,117 75919560 [24056245@qtp-13963314-568]
> ERROR
> >> >> >> RequestCycle - Component [Page class =
> >> >> >> com.mycompany.application.view.application.MainPage, id = 0,
> version
> >> =
> >> >> >> 3, ajax = 1] does not permit action RENDER
> >> >> >> org.apache.wicket.authorization.UnauthorizedActionException:
> >> Component
> >> >> >> [Page class = com.mycompany.application.view.application.MainPage,
> id
> >> >> >> = 0, version = 3, ajax = 1] does not permit action RENDER
> >> >> >> at org.apache.wicket.Page.renderPage(Page.java:876)
> >> >> >> at
> >> >> >>
> >> >>
> >>
> org.apache.wicket.request.target.component.PageRequestTarget.respond(PageRequestTarget.java:63)
> >> >> >> at
> >> >> >>
> >> >>
> >>
> org.apache.wicket.request.AbstractRequestCycleProcessor.respond(AbstractRequestCycleProcessor.java:105)
> >> >> >> at
> >> >> >>
> >> >>
> >>
> org.apache.wicket.RequestCycle.processEventsAndRespond(RequestCycle.java:1258)
> >> >> >> at
> org.apache.wicket.RequestCycle.step(RequestCycle.java:1329)
> >> >> >>
> >> >> >>
> >> >> >> **
> >> >> >> Martin
> >> >> >>
> >> >> >>
> ---------------------------------------------------------------------
> >> >> >> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> >> >> >> For additional commands, e-mail: users-help@wicket.apache.org
> >> >> >>
> >> >> >>
> >> >> >
> >> >>
> >> >> ---------------------------------------------------------------------
> >> >> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> >> >> For additional commands, e-mail: users-help@wicket.apache.org
> >> >>
> >> >>
> >> >
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> >> For additional commands, e-mail: users-help@wicket.apache.org
> >>
> >>
> >
> >
> > --
> > Pedro Henrique Oliveira dos Santos
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> For additional commands, e-mail: users-help@wicket.apache.org
>
>
--
Pedro Henrique Oliveira dos Santos
Re: How to prevent rendering of unauthorized components?
Posted by Martin Makundi <ma...@koodaripalvelut.com>.
Hi!
This is what I have:
/**
* @see org.apache.wicket.RequestCycle#onRuntimeException(org.apache.wicket.Page,
java.lang.RuntimeException)
*/
@Override
public Page onRuntimeException(Page page, RuntimeException e) {
if ((e instanceof PageExpiredException) || (e instanceof
AuthorizationException)) {
return getEffectiveLoginPage();
} ...
/**
* @see org.apache.wicket.authorization.strategies.page.AbstractPageAuthorizationStrategy#isActionAuthorized(org.apache.wicket.Component,
org.apache.wicket.authorization.Action)
*/
@Override
public boolean isActionAuthorized(Component component, Action action) {
if (instanceOf(component.getClass(), Page.class)) {
return isPageAuthorized(component.getClass());
}
return super.isActionAuthorized(component, action);
}
Now the problem is that despite the above, I get the render exception
though I would expect that it renders login page. The exception looks
nasty on logs and is unnecessary because it should be a clean redirect
to login.
What do you propose?
**
Martin
> Hi Martin, the AuthorizationException handle mechanism that redirect
> response to the AccessDeniedPage is implemented at
> AbstractRequestCycleProcessor response method.
> You can set the "onunauthorizedaccess" page at the accessDeniedPage property
> on the ApplicationSettings.
> I don't understand what do you mean by: avoiding the error, because you can
> just remove the action restriction from the erroneous component.
>
> On Fri, Jul 16, 2010 at 3:06 PM, Martin Makundi <
> martin.makundi@koodaripalvelut.com> wrote:
>
>> Do you have an idea where the leak occurs so I can prevent this?
>>
>> **
>> Martin
>>
>> 2010/7/16 nino martinez wael <ni...@gmail.com>:
>> > I would have thought that wicket auth would pick it up and intercept the
>> > request in the request cycle and redirect.. Aparrently the last
>> > bit(redirecting) are missing.. You should be able to implement this
>> > yourself.. I know this is vague. I'd start by looking in the source of
>> > wicket auth..
>> >
>> > regards Nino
>> >
>> > 2010/7/16 Martin Makundi <ma...@koodaripalvelut.com>
>> >
>> >> I get this exception.. I don't want it ;] I want wicket to serve
>> >> "onunauthorizedaccess" page.
>> >>
>> >> **
>> >> Martin
>> >>
>> >> 2010/7/16 nino martinez wael <ni...@gmail.com>:
>> >> > Hmm do you end up with an exception or?
>> >> >
>> >> > 2010/7/15 Martin Makundi <ma...@koodaripalvelut.com>
>> >> >
>> >> >> Hi!
>> >> >>
>> >> >> I would like to avoid this error, to prevent the render alltogether.
>> >> >> How can I do that?
>> >> >>
>> >> >> 2010-07-15 17:15:52,117 75919560 [24056245@qtp-13963314-568] ERROR
>> >> >> RequestCycle - Component [Page class =
>> >> >> com.mycompany.application.view.application.MainPage, id = 0, version
>> =
>> >> >> 3, ajax = 1] does not permit action RENDER
>> >> >> org.apache.wicket.authorization.UnauthorizedActionException:
>> Component
>> >> >> [Page class = com.mycompany.application.view.application.MainPage, id
>> >> >> = 0, version = 3, ajax = 1] does not permit action RENDER
>> >> >> at org.apache.wicket.Page.renderPage(Page.java:876)
>> >> >> at
>> >> >>
>> >>
>> org.apache.wicket.request.target.component.PageRequestTarget.respond(PageRequestTarget.java:63)
>> >> >> at
>> >> >>
>> >>
>> org.apache.wicket.request.AbstractRequestCycleProcessor.respond(AbstractRequestCycleProcessor.java:105)
>> >> >> at
>> >> >>
>> >>
>> org.apache.wicket.RequestCycle.processEventsAndRespond(RequestCycle.java:1258)
>> >> >> at org.apache.wicket.RequestCycle.step(RequestCycle.java:1329)
>> >> >>
>> >> >>
>> >> >> **
>> >> >> Martin
>> >> >>
>> >> >> ---------------------------------------------------------------------
>> >> >> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
>> >> >> For additional commands, e-mail: users-help@wicket.apache.org
>> >> >>
>> >> >>
>> >> >
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
>> >> For additional commands, e-mail: users-help@wicket.apache.org
>> >>
>> >>
>> >
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
>> For additional commands, e-mail: users-help@wicket.apache.org
>>
>>
>
>
> --
> Pedro Henrique Oliveira dos Santos
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: How to prevent rendering of unauthorized components?
Posted by Pedro Santos <pe...@gmail.com>.
Hi Martin, the AuthorizationException handle mechanism that redirect
response to the AccessDeniedPage is implemented at
AbstractRequestCycleProcessor response method.
You can set the "onunauthorizedaccess" page at the accessDeniedPage property
on the ApplicationSettings.
I don't understand what do you mean by: avoiding the error, because you can
just remove the action restriction from the erroneous component.
On Fri, Jul 16, 2010 at 3:06 PM, Martin Makundi <
martin.makundi@koodaripalvelut.com> wrote:
> Do you have an idea where the leak occurs so I can prevent this?
>
> **
> Martin
>
> 2010/7/16 nino martinez wael <ni...@gmail.com>:
> > I would have thought that wicket auth would pick it up and intercept the
> > request in the request cycle and redirect.. Aparrently the last
> > bit(redirecting) are missing.. You should be able to implement this
> > yourself.. I know this is vague. I'd start by looking in the source of
> > wicket auth..
> >
> > regards Nino
> >
> > 2010/7/16 Martin Makundi <ma...@koodaripalvelut.com>
> >
> >> I get this exception.. I don't want it ;] I want wicket to serve
> >> "onunauthorizedaccess" page.
> >>
> >> **
> >> Martin
> >>
> >> 2010/7/16 nino martinez wael <ni...@gmail.com>:
> >> > Hmm do you end up with an exception or?
> >> >
> >> > 2010/7/15 Martin Makundi <ma...@koodaripalvelut.com>
> >> >
> >> >> Hi!
> >> >>
> >> >> I would like to avoid this error, to prevent the render alltogether.
> >> >> How can I do that?
> >> >>
> >> >> 2010-07-15 17:15:52,117 75919560 [24056245@qtp-13963314-568] ERROR
> >> >> RequestCycle - Component [Page class =
> >> >> com.mycompany.application.view.application.MainPage, id = 0, version
> =
> >> >> 3, ajax = 1] does not permit action RENDER
> >> >> org.apache.wicket.authorization.UnauthorizedActionException:
> Component
> >> >> [Page class = com.mycompany.application.view.application.MainPage, id
> >> >> = 0, version = 3, ajax = 1] does not permit action RENDER
> >> >> at org.apache.wicket.Page.renderPage(Page.java:876)
> >> >> at
> >> >>
> >>
> org.apache.wicket.request.target.component.PageRequestTarget.respond(PageRequestTarget.java:63)
> >> >> at
> >> >>
> >>
> org.apache.wicket.request.AbstractRequestCycleProcessor.respond(AbstractRequestCycleProcessor.java:105)
> >> >> at
> >> >>
> >>
> org.apache.wicket.RequestCycle.processEventsAndRespond(RequestCycle.java:1258)
> >> >> at org.apache.wicket.RequestCycle.step(RequestCycle.java:1329)
> >> >>
> >> >>
> >> >> **
> >> >> Martin
> >> >>
> >> >> ---------------------------------------------------------------------
> >> >> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> >> >> For additional commands, e-mail: users-help@wicket.apache.org
> >> >>
> >> >>
> >> >
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> >> For additional commands, e-mail: users-help@wicket.apache.org
> >>
> >>
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> For additional commands, e-mail: users-help@wicket.apache.org
>
>
--
Pedro Henrique Oliveira dos Santos
Re: How to prevent rendering of unauthorized components?
Posted by Martin Makundi <ma...@koodaripalvelut.com>.
Do you have an idea where the leak occurs so I can prevent this?
**
Martin
2010/7/16 nino martinez wael <ni...@gmail.com>:
> I would have thought that wicket auth would pick it up and intercept the
> request in the request cycle and redirect.. Aparrently the last
> bit(redirecting) are missing.. You should be able to implement this
> yourself.. I know this is vague. I'd start by looking in the source of
> wicket auth..
>
> regards Nino
>
> 2010/7/16 Martin Makundi <ma...@koodaripalvelut.com>
>
>> I get this exception.. I don't want it ;] I want wicket to serve
>> "onunauthorizedaccess" page.
>>
>> **
>> Martin
>>
>> 2010/7/16 nino martinez wael <ni...@gmail.com>:
>> > Hmm do you end up with an exception or?
>> >
>> > 2010/7/15 Martin Makundi <ma...@koodaripalvelut.com>
>> >
>> >> Hi!
>> >>
>> >> I would like to avoid this error, to prevent the render alltogether.
>> >> How can I do that?
>> >>
>> >> 2010-07-15 17:15:52,117 75919560 [24056245@qtp-13963314-568] ERROR
>> >> RequestCycle - Component [Page class =
>> >> com.mycompany.application.view.application.MainPage, id = 0, version =
>> >> 3, ajax = 1] does not permit action RENDER
>> >> org.apache.wicket.authorization.UnauthorizedActionException: Component
>> >> [Page class = com.mycompany.application.view.application.MainPage, id
>> >> = 0, version = 3, ajax = 1] does not permit action RENDER
>> >> at org.apache.wicket.Page.renderPage(Page.java:876)
>> >> at
>> >>
>> org.apache.wicket.request.target.component.PageRequestTarget.respond(PageRequestTarget.java:63)
>> >> at
>> >>
>> org.apache.wicket.request.AbstractRequestCycleProcessor.respond(AbstractRequestCycleProcessor.java:105)
>> >> at
>> >>
>> org.apache.wicket.RequestCycle.processEventsAndRespond(RequestCycle.java:1258)
>> >> at org.apache.wicket.RequestCycle.step(RequestCycle.java:1329)
>> >>
>> >>
>> >> **
>> >> Martin
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
>> >> For additional commands, e-mail: users-help@wicket.apache.org
>> >>
>> >>
>> >
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
>> For additional commands, e-mail: users-help@wicket.apache.org
>>
>>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: How to prevent rendering of unauthorized components?
Posted by nino martinez wael <ni...@gmail.com>.
I would have thought that wicket auth would pick it up and intercept the
request in the request cycle and redirect.. Aparrently the last
bit(redirecting) are missing.. You should be able to implement this
yourself.. I know this is vague. I'd start by looking in the source of
wicket auth..
regards Nino
2010/7/16 Martin Makundi <ma...@koodaripalvelut.com>
> I get this exception.. I don't want it ;] I want wicket to serve
> "onunauthorizedaccess" page.
>
> **
> Martin
>
> 2010/7/16 nino martinez wael <ni...@gmail.com>:
> > Hmm do you end up with an exception or?
> >
> > 2010/7/15 Martin Makundi <ma...@koodaripalvelut.com>
> >
> >> Hi!
> >>
> >> I would like to avoid this error, to prevent the render alltogether.
> >> How can I do that?
> >>
> >> 2010-07-15 17:15:52,117 75919560 [24056245@qtp-13963314-568] ERROR
> >> RequestCycle - Component [Page class =
> >> com.mycompany.application.view.application.MainPage, id = 0, version =
> >> 3, ajax = 1] does not permit action RENDER
> >> org.apache.wicket.authorization.UnauthorizedActionException: Component
> >> [Page class = com.mycompany.application.view.application.MainPage, id
> >> = 0, version = 3, ajax = 1] does not permit action RENDER
> >> at org.apache.wicket.Page.renderPage(Page.java:876)
> >> at
> >>
> org.apache.wicket.request.target.component.PageRequestTarget.respond(PageRequestTarget.java:63)
> >> at
> >>
> org.apache.wicket.request.AbstractRequestCycleProcessor.respond(AbstractRequestCycleProcessor.java:105)
> >> at
> >>
> org.apache.wicket.RequestCycle.processEventsAndRespond(RequestCycle.java:1258)
> >> at org.apache.wicket.RequestCycle.step(RequestCycle.java:1329)
> >>
> >>
> >> **
> >> Martin
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> >> For additional commands, e-mail: users-help@wicket.apache.org
> >>
> >>
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> For additional commands, e-mail: users-help@wicket.apache.org
>
>
Re: How to prevent rendering of unauthorized components?
Posted by Martin Makundi <ma...@koodaripalvelut.com>.
I get this exception.. I don't want it ;] I want wicket to serve
"onunauthorizedaccess" page.
**
Martin
2010/7/16 nino martinez wael <ni...@gmail.com>:
> Hmm do you end up with an exception or?
>
> 2010/7/15 Martin Makundi <ma...@koodaripalvelut.com>
>
>> Hi!
>>
>> I would like to avoid this error, to prevent the render alltogether.
>> How can I do that?
>>
>> 2010-07-15 17:15:52,117 75919560 [24056245@qtp-13963314-568] ERROR
>> RequestCycle - Component [Page class =
>> com.mycompany.application.view.application.MainPage, id = 0, version =
>> 3, ajax = 1] does not permit action RENDER
>> org.apache.wicket.authorization.UnauthorizedActionException: Component
>> [Page class = com.mycompany.application.view.application.MainPage, id
>> = 0, version = 3, ajax = 1] does not permit action RENDER
>> at org.apache.wicket.Page.renderPage(Page.java:876)
>> at
>> org.apache.wicket.request.target.component.PageRequestTarget.respond(PageRequestTarget.java:63)
>> at
>> org.apache.wicket.request.AbstractRequestCycleProcessor.respond(AbstractRequestCycleProcessor.java:105)
>> at
>> org.apache.wicket.RequestCycle.processEventsAndRespond(RequestCycle.java:1258)
>> at org.apache.wicket.RequestCycle.step(RequestCycle.java:1329)
>>
>>
>> **
>> Martin
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
>> For additional commands, e-mail: users-help@wicket.apache.org
>>
>>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: How to prevent rendering of unauthorized components?
Posted by nino martinez wael <ni...@gmail.com>.
Hmm do you end up with an exception or?
2010/7/15 Martin Makundi <ma...@koodaripalvelut.com>
> Hi!
>
> I would like to avoid this error, to prevent the render alltogether.
> How can I do that?
>
> 2010-07-15 17:15:52,117 75919560 [24056245@qtp-13963314-568] ERROR
> RequestCycle - Component [Page class =
> com.mycompany.application.view.application.MainPage, id = 0, version =
> 3, ajax = 1] does not permit action RENDER
> org.apache.wicket.authorization.UnauthorizedActionException: Component
> [Page class = com.mycompany.application.view.application.MainPage, id
> = 0, version = 3, ajax = 1] does not permit action RENDER
> at org.apache.wicket.Page.renderPage(Page.java:876)
> at
> org.apache.wicket.request.target.component.PageRequestTarget.respond(PageRequestTarget.java:63)
> at
> org.apache.wicket.request.AbstractRequestCycleProcessor.respond(AbstractRequestCycleProcessor.java:105)
> at
> org.apache.wicket.RequestCycle.processEventsAndRespond(RequestCycle.java:1258)
> at org.apache.wicket.RequestCycle.step(RequestCycle.java:1329)
>
>
> **
> Martin
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> For additional commands, e-mail: users-help@wicket.apache.org
>
>