You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@wicket.apache.org by Martin Grigorov <mg...@apache.org> on 2013/06/17 11:39:15 UTC

Authorization for IResource

Hi,

https://issues.apache.org/jira/browse/WICKET-5012 explains a problem that
there is no authorization for requests to IResource.

A possible solution for this problem can be found in branch
'5012-authorize-resources'.

The diff can be seen at:
https://git-wip-us.apache.org/repos/asf/wicket/repo?p=wicket.git;a=commitdiff;h=88b5d5cb482bc7bb22e2ceb9503e5056b0e89572

It tries to follow the logic for authorizing components.
By default a request that is not authorized will lead to a response with
error code 403 (Forbidden).

Please take a look and give feedback.
Thanks!

Re: Authorization for IResource

Posted by Martin Grigorov <mg...@apache.org>.

Thanks Sven and Jeremy!
I've pushed the changed to master branch.
Let me know if you see more improvements


On Tue, Jun 18, 2013 at 4:04 PM, Jeremy Thomerson <jeremy@wickettraining.com
> wrote:

> Looks good to me.  I'd just mention one very minor thing: that there is at
> least one file that you added with Eelco / Jonathan as the @author.
>
>
> On Mon, Jun 17, 2013 at 5:39 AM, Martin Grigorov <mgrigorov@apache.org
> >wrote:
>
> > Hi,
> >
> > https://issues.apache.org/jira/browse/WICKET-5012 explains a problem
> that
> > there is no authorization for requests to IResource.
> >
> > A possible solution for this problem can be found in branch
> > '5012-authorize-resources'.
> >
> > The diff can be seen at:
> >
> >
> https://git-wip-us.apache.org/repos/asf/wicket/repo?p=wicket.git;a=commitdiff;h=88b5d5cb482bc7bb22e2ceb9503e5056b0e89572
> >
> > It tries to follow the logic for authorizing components.
> > By default a request that is not authorized will lead to a response with
> > error code 403 (Forbidden).
> >
> > Please take a look and give feedback.
> > Thanks!
> >
>
>
>
> --
> Jeremy Thomerson
> http://wickettraining.com
> *Ask me about our plans for on-line training lessons.*
>

Re: Authorization for IResource

Posted by Jeremy Thomerson <je...@wickettraining.com>.

Looks good to me.  I'd just mention one very minor thing: that there is at
least one file that you added with Eelco / Jonathan as the @author.


On Mon, Jun 17, 2013 at 5:39 AM, Martin Grigorov <mg...@apache.org>wrote:

> Hi,
>
> https://issues.apache.org/jira/browse/WICKET-5012 explains a problem that
> there is no authorization for requests to IResource.
>
> A possible solution for this problem can be found in branch
> '5012-authorize-resources'.
>
> The diff can be seen at:
>
> https://git-wip-us.apache.org/repos/asf/wicket/repo?p=wicket.git;a=commitdiff;h=88b5d5cb482bc7bb22e2ceb9503e5056b0e89572
>
> It tries to follow the logic for authorizing components.
> By default a request that is not authorized will lead to a response with
> error code 403 (Forbidden).
>
> Please take a look and give feedback.
> Thanks!
>



-- 
Jeremy Thomerson
http://wickettraining.com
*Ask me about our plans for on-line training lessons.*