You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@wicket.apache.org by Mike Dee <md...@cardeatech.com> on 2010/09/16 16:57:03 UTC
Wicket-auth annotations to hide a link problem
I am trying to hide a link based on a user's role. Using the example in
Wicket in Action (book), it suggests annotations can be used to do this.
Here is what I'm doing:
public class HomePage extends WebPage
{
public HomePage()
{
add( new ExampleLink( "exampleLink", ExamplePage.class ) );
}
@AuthorizeInstantiation("ADMIN")
private class ExampleLink extends BookmarkablePageLink
{
public ExampleLink( String id, Class pageClass )
{
super( id, pageClass );
}
}
}
That doesn't seem to work, however. Now the HomePage doesn't load at all -
almost as if the annotation were on HomePage.
Any suggestions?
--
View this message in context: http://apache-wicket.1842946.n4.nabble.com/Wicket-auth-annotations-to-hide-a-link-problem-tp2542360p2542360.html
Sent from the Users forum mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: Wicket-auth annotations to hide a link problem
Posted by Ivana <iv...@gmail.com>.
I just found this works - but has other problems:
I have a page with a menu made of links. The links replace the main panel
the user is looking at. Depending on user role, some panels are not
available and the corresponding links are not shown.
I have implemented this like this:
@AuthorizeAction(action = Action.RENDER, roles = { Roles.internal })
class InternalAjaxReplacementLink extends AjaxFallbackLink{
... replace panel, change/append css styles
}
@AuthorizeAction(action = Action.RENDER, roles = {Roles.public,
Roles.internal })
class PublicAjaxReplacementLink extends AjaxFallbackLink{
... replace panel, change/append css styles
}On my page i add the links, according to which users should have access to
which resources - and this works.
A user that has only the 'public' role sees only the links leading to public
resources, internal users see more resources.
Except: the welcome panel is accesible to both 'internal' and 'public'
user-roles. When 'internal' users click an InternalAjaxReplacementLink, the
container asks them to authenticate again before they can continue. Nothing
happens with this new login: i have tried loggin in as a different
authorized user and the original credentials are not overwritten. What is
going on?
I'm using tomcat form based security while developing. I intend to replace
this in the near future with spring security.
--
View this message in context: http://apache-wicket.1842946.n4.nabble.com/Wicket-auth-annotations-to-hide-a-link-problem-tp2542360p3025671.html
Sent from the Users forum mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: Wicket-auth annotations to hide a link problem
Posted by Mike Dee <md...@cardeatech.com>.
I think I've resolved this. Hopefully, someone else will find this useful.
After going through the wicket source code, it appears the proper way to do
this is like this:
public class HomePage extends WebPage
{
public HomePage()
{
add( new ExampleLink( "exampleLink", ExamplePage.class ) );
}
// ** THIS IS THE WAY TO ANNOTATE A LINK WITH WICKET-AUTH'S
ATTRIBUTES **
// This hides the link for all but the ADMIN role.
@AuthorizeAction(action = "RENDER", roles = { "ADMIN" })
private class ExampleLink extends BookmarkablePageLink
{
public ExampleLink( String id, Class pageClass )
{
super( id, pageClass );
}
}
}
--
View this message in context: http://apache-wicket.1842946.n4.nabble.com/Wicket-auth-annotations-to-hide-a-link-problem-tp2542360p2547139.html
Sent from the Users forum mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: Wicket-auth annotations to hide a link problem
Posted by James Carman <ja...@carmanconsulting.com>.
I have some code which makes the visibility, enabled, etc. for form
components more declarative by doing stuff like:
ContextUtils.setEnabled(component, EditMode.UPDATE, EditMode.CREATE);
Then, later, you'd do:
ContextUtils.setContext(form, EditMode.UPDATE);
Then, everything that was marked to be enabled (if you don't
specifically declare it, it doesn't touch it) is set to enabled.
On Sun, Sep 19, 2010 at 8:54 AM, Mike Dee <md...@cardeatech.com> wrote:
>
> Overriding isVisible() works. It would be nice if the annotation worked
> though, would save some repetitive code.
> --
> View this message in context: http://apache-wicket.1842946.n4.nabble.com/Wicket-auth-annotations-to-hide-a-link-problem-tp2542360p2545850.html
> Sent from the Users forum mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> For additional commands, e-mail: users-help@wicket.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: Wicket-auth annotations to hide a link problem
Posted by Mike Dee <md...@cardeatech.com>.
Overriding isVisible() works. It would be nice if the annotation worked
though, would save some repetitive code.
--
View this message in context: http://apache-wicket.1842946.n4.nabble.com/Wicket-auth-annotations-to-hide-a-link-problem-tp2542360p2545850.html
Sent from the Users forum mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: Wicket-auth annotations to hide a link problem
Posted by James Carman <ja...@carmanconsulting.com>.
try overriding isEnabled() or isVisible() and look for the role.
On Thu, Sep 16, 2010 at 10:57 AM, Mike Dee <md...@cardeatech.com> wrote:
>
> I am trying to hide a link based on a user's role. Using the example in
> Wicket in Action (book), it suggests annotations can be used to do this.
> Here is what I'm doing:
>
> public class HomePage extends WebPage
> {
> public HomePage()
> {
> add( new ExampleLink( "exampleLink", ExamplePage.class ) );
> }
>
>
> @AuthorizeInstantiation("ADMIN")
> private class ExampleLink extends BookmarkablePageLink
> {
> public ExampleLink( String id, Class pageClass )
> {
> super( id, pageClass );
> }
> }
> }
>
> That doesn't seem to work, however. Now the HomePage doesn't load at all -
> almost as if the annotation were on HomePage.
>
> Any suggestions?
>
> --
> View this message in context: http://apache-wicket.1842946.n4.nabble.com/Wicket-auth-annotations-to-hide-a-link-problem-tp2542360p2542360.html
> Sent from the Users forum mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> For additional commands, e-mail: users-help@wicket.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org