You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@wicket.apache.org by Ned Collyer <ne...@gmail.com> on 2008/05/01 08:35:36 UTC
Question about IAuthorizationStrategy
Why is isInstantiationAuthorized(Class componentClass) only called after
instantiation?
eg,
isInstantiationAuthorized(component.getClass())
Been driving me crazy - u'd expect this to be called before instantiation.
I'm curious because it's probably been done for a good reason.
--
View this message in context: http://www.nabble.com/Question-about-IAuthorizationStrategy-tp16993036p16993036.html
Sent from the Wicket - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: Question about IAuthorizationStrategy
Posted by Johan Compagner <jc...@gmail.com>.
And dont think the component is instantiated compoletely!
Only the Component class is there all others are not 'done' yet.
But why is this a problem?
On 5/1/08, Ned Collyer <ne...@gmail.com> wrote:
>
> Why is isInstantiationAuthorized(Class componentClass) only called after
> instantiation?
>
> eg,
> isInstantiationAuthorized(component.getClass())
>
> Been driving me crazy - u'd expect this to be called before instantiation.
>
> I'm curious because it's probably been done for a good reason.
> --
> View this message in context:
> http://www.nabble.com/Question-about-IAuthorizationStrategy-tp16993036p16993036.html
> Sent from the Wicket - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> For additional commands, e-mail: users-help@wicket.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: Question about IAuthorizationStrategy
Posted by Jonathan Locke <jo...@gmail.com>.
component authorization piggy backs on component instantiation listeners:
public Component(final String id)
{
setId(id);
getApplication().notifyComponentInstantiationListeners(this);
as you can see, it is not called /after/ instantiation (although super
constructors will have run already), but during construction. i don't see
any alternative to this approach as components (including pages) can be
instantiated in wicket via the new operator. it's only at the second line
of Component's constructor above that we notify any component instantiation
listeners and one of those is an authorization listener. make sense?
Ned Collyer wrote:
>
> Why is isInstantiationAuthorized(Class componentClass) only called after
> instantiation?
>
> eg,
> isInstantiationAuthorized(component.getClass())
>
> Been driving me crazy - u'd expect this to be called before instantiation.
>
> I'm curious because it's probably been done for a good reason.
>
--
View this message in context: http://www.nabble.com/Question-about-IAuthorizationStrategy-tp16993036p16995059.html
Sent from the Wicket - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: Question about IAuthorizationStrategy
Posted by Ned Collyer <ne...@gmail.com>.
Fair point :)
I was surprised because it was happening for the HomePage i have, which is
only ever referenced by class (in my app), and comes out of the page factory
- which you do control.
I think you're probably doing the right thing - it would be a nightmare to
handle it differently depending on teh component.
I was passing an authenticated users variable to the super of my home page -
which of course would throw an exception because the user in the session
didnt exist when the page was being instantiated - instead of going to the
signin page.
I've got a fix, but was just curious.
On Thu, May 1, 2008 at 4:41 PM, Igor Vaynberg <ig...@gmail.com>
wrote:
> how about because of the fact we cant magically intercept
> instantiation before it happens without using some magic like managed
> aop container or load time/compile time bytecode instrumentation
>
> -igor
>
>
Re: Question about IAuthorizationStrategy
Posted by Igor Vaynberg <ig...@gmail.com>.
how about because of the fact we cant magically intercept
instantiation before it happens without using some magic like managed
aop container or load time/compile time bytecode instrumentation
-igor
On Wed, Apr 30, 2008 at 11:35 PM, Ned Collyer <ne...@gmail.com> wrote:
>
> Why is isInstantiationAuthorized(Class componentClass) only called after
> instantiation?
>
> eg,
> isInstantiationAuthorized(component.getClass())
>
> Been driving me crazy - u'd expect this to be called before instantiation.
>
> I'm curious because it's probably been done for a good reason.
> --
> View this message in context: http://www.nabble.com/Question-about-IAuthorizationStrategy-tp16993036p16993036.html
> Sent from the Wicket - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> For additional commands, e-mail: users-help@wicket.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org