You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@wicket.apache.org by Riccardo Trombini <ri...@csnc.ch> on 2010/01/29 16:34:17 UTC
Authorization with Wicket
Hi
I wrote an AuthorizationManager which checks if a user is authorized to
access a given resource.
An an example, I have an "EditPage" to edit articles. Only users with
the write privilege should be able to access this page.
I call therefor the AuthorizationManager.authorize(); Method to check
the authorization.
It looks like this :
public class Editor extends BasePage{
public Editor(final Article article) {
if(!AuthorizationManager.authorize(AuthorizationManager.WRITE,
article)){
setResponsePage(new UserAccessViolationPage());
}
else{
....
}
}
This Function returns true or false. I want now that if it returns false
that the users gets redirected to an errorpage. How can I do that ? with
the code you see above I am not able to do that, cause it generates an
internal error. Wicket does still want to render all the markups in the
Editor.html.
An other way I tried out is by throwing an UserAccessViolationException
(extends Exception) and implemented a custom errorpage for this. This
works as long as I don't have this code snipped to call the EditorPage:
public class ArticleManager extends WebPage {
public ArticleManager(String id){
AjaxLink editButton = new AjaxLink("editButton") {
@Override
public void onClick(AjaxRequestTarget target) {
setResponsePage(new Editor(article,
panelIndex));
}
};
Cause I am not able to advance the AjaxLink("editButton") with "throws
UserAccessViolation".
I have to insert the try/catch block and then redirect. But I think is
is really dirty.
Has someonelse a solution for this ?
Thank you very much !
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: Authorization with Wicket
Posted by Luca Provenzani <eu...@gmail.com>.
why don't:
public class ArticleManager extends WebPage {
public ArticleManager(String id){
AjaxLink editButton = new AjaxLink("editButton") {
@Override
public void onClick(AjaxRequestTarget target) {
if(!AuthorizationManager.authorize(AuthorizationManager.WRITE,article)){
> setResponsePage(new
> UserAccessViolationPage());
> }
> else{
> setResponsePage(new
> Editor(article,panelIndex));
> }
}
};
Regards
Luca Provenzani
2010/1/29 Riccardo Trombini <ri...@csnc.ch>
> Hi
>
> I wrote an AuthorizationManager which checks if a user is authorized to
> access a given resource.
> An an example, I have an "EditPage" to edit articles. Only users with
> the write privilege should be able to access this page.
> I call therefor the AuthorizationManager.authorize(); Method to check
> the authorization.
> It looks like this :
>
> public class Editor extends BasePage{
>
> public Editor(final Article article) {
>
>
> if(!AuthorizationManager.authorize(AuthorizationManager.WRITE,
> article)){
> setResponsePage(new UserAccessViolationPage());
> }
> else{
> ....
> }
> }
>
> This Function returns true or false. I want now that if it returns false
> that the users gets redirected to an errorpage. How can I do that ? with
> the code you see above I am not able to do that, cause it generates an
> internal error. Wicket does still want to render all the markups in the
> Editor.html.
>
> An other way I tried out is by throwing an UserAccessViolationException
> (extends Exception) and implemented a custom errorpage for this. This
> works as long as I don't have this code snipped to call the EditorPage:
>
>
> public class ArticleManager extends WebPage {
>
> public ArticleManager(String id){
>
> AjaxLink editButton = new AjaxLink("editButton") {
>
> @Override
> public void onClick(AjaxRequestTarget target) {
> setResponsePage(new Editor(article,
> panelIndex));
> }
> };
>
> Cause I am not able to advance the AjaxLink("editButton") with "throws
> UserAccessViolation".
> I have to insert the try/catch block and then redirect. But I think is
> is really dirty.
>
> Has someonelse a solution for this ?
> Thank you very much !
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> For additional commands, e-mail: users-help@wicket.apache.org
>
>