List of usage examples for org.apache.wicket RestartResponseAtInterceptPageException RestartResponseAtInterceptPageException
public RestartResponseAtInterceptPageException(Class<? extends Page> interceptPageClass)
From source file:org.wicketstuff.security.checks.ComponentSecurityCheck.java
License:Apache License
/**
 * Decides whether the current user may perform {@code action} on the component guarded by this
 * check. When the secure model is checked as well, both the component and its model must be
 * authorized before true is returned.
 *
 * @param action
 *            the action to authorize
 * @return true if the component (and, when checked, its secure model) are authorized, false
 *         otherwise.
 * @throws RestartResponseAtInterceptPageException
 *             to the login page when the user is not authenticated
 * @see ISecurityCheck#isActionAuthorized(WaspAction)
 * @see WaspAuthorizationStrategy#isComponentAuthorized(Component, WaspAction)
 * @see WaspAuthorizationStrategy#isModelAuthorized(ISecureModel, Component, WaspAction)
 */
public boolean isActionAuthorized(WaspAction action) {
    if (!isAuthenticated()) {
        // Authentication is enforced before any authorization decision is made.
        throw new RestartResponseAtInterceptPageException(getLoginPage());
    }

    final boolean componentAuthorized = getStrategy().isComponentAuthorized(getComponent(), action);
    if (!componentAuthorized) {
        // A denied component is final; the model is never consulted to widen access.
        return false;
    }

    final boolean modelNeedsCheck =
            checkSecureModel() && SecureComponentHelper.hasSecureModel(getComponent());
    if (!modelNeedsCheck) {
        return true;
    }

    // The secure model can only narrow the decision already made for the component.
    final ISecureModel<?> secureModel = (ISecureModel<?>) getComponent().getDefaultModel();
    return secureModel.isAuthorized(getComponent(), action);
}
From source file:org.wicketstuff.security.checks.ContainerSecurityCheck.java
License:Apache License
/**
 * Authorizes {@code action} for a container: access is granted when the strategy authorizes
 * either the component instance or the component's class. When the secure model is checked as
 * well, the model must also authorize the action.
 *
 * @param action
 *            the action to authorize
 * @return true if the container (and, when checked, its secure model) are authorized, false
 *         otherwise.
 * @throws RestartResponseAtInterceptPageException
 *             to the login page when authentication is enabled for this check and the user is
 *             not authenticated
 * @see org.wicketstuff.security.checks.ComponentSecurityCheck#isActionAuthorized(org.wicketstuff.security.actions.WaspAction)
 */
@Override
public boolean isActionAuthorized(WaspAction action) {
    // NOTE(review): with enableAuthentication switched off, an unauthenticated user reaches
    // the authorization strategy directly - confirm that is intended wherever it is disabled.
    final boolean mustLogInFirst = enableAuthentication && !isAuthenticated();
    if (mustLogInFirst) {
        throw new RestartResponseAtInterceptPageException(getLoginPage());
    }

    // Either the component or its class being authorized is sufficient.
    final boolean containerAuthorized = getStrategy().isComponentAuthorized(getComponent(), action)
            || getStrategy().isClassAuthorized(getComponent().getClass(), action);
    if (!containerAuthorized) {
        return false;
    }

    final boolean modelNeedsCheck =
            checkSecureModel() && SecureComponentHelper.hasSecureModel(getComponent());
    if (!modelNeedsCheck) {
        return true;
    }

    // The secure model can only narrow the decision already made for the container.
    final ISecureModel<?> secureModel = (ISecureModel<?>) getComponent().getDefaultModel();
    return secureModel.isAuthorized(getComponent(), action);
}
From source file:org.wicketstuff.security.login.http.HttpAuthenticationLoginPage.java
License:Apache License
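/**
 * Delegates authentication. Subclasses should first try their custom authentication scheme
 * before letting super handle the call. Subclasses should either return a boolean value (see
 * {@link #handleBasicAuthentication(WebRequest, WebResponse, String, String)} ) if processing
 * should continue or throw an exception.
 *
 * @param request
 *            the current request
 * @param response
 *            the current response
 * @param scheme
 *            the authentication scheme like "Basic" or "Digest"
 * @param param
 *            the parameters after the scheme from the header
 * @throws LoginException
 *             if the user could not be logged in.
 * @throws RestartResponseAtInterceptPageException
 *             to an {@link AccessDeniedPage} if the scheme is not supported
 */
protected void handleAuthentication(WebRequest request, WebResponse response, String scheme,
        String param) throws LoginException {
    // false means the Basic handler dealt with the request; nothing else may try.
    if (!handleBasicAuthentication(request, response, scheme, param)) {
        return;
    }

    // The scheme is client-supplied header content. Line breaks are replaced before it is
    // written to the log so a crafted value cannot forge additional log entries.
    final String loggedScheme = scheme == null ? null : scheme.replaceAll("[\\r\\n]", "_");
    log.error("Unsupported Http authentication type: " + loggedScheme);
    throw new RestartResponseAtInterceptPageException(
            Application.get().getApplicationSettings().getAccessDeniedPage());
}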
From source file:org.wicketstuff.security.login.http.HttpAuthenticationLoginPage.java
License:Apache License
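/**
 * Handles authentication for the "Basic" scheme. If the scheme is not the basic scheme true is
 * returned so another implementation may try it. In general authentication attempts by the next
 * scheme should only proceed if the scheme was of the wrong type. False will generally be
 * returned when a) the user has been authenticated or b) the scheme is correct but another
 * problem arises, like missing additional headers.
 * <p>
 * The credentials are split at the first colon only, so a password may itself contain colons.
 * Basic credentials are merely base 64 encoded, not encrypted, so this scheme should only be
 * offered over an encrypted transport.
 *
 * @param request
 *            the current request
 * @param response
 *            the current response
 * @param scheme
 *            the authentication scheme taken from the header
 * @param param
 *            username:password in base 64
 * @return true if authentication by another scheme should be attempted, false if authentication
 *         by another scheme should not be attempted.
 * @throws LoginException
 *             If the supplied credentials do not grant enough credits for the requested
 *             resource, or if no username / password pair could be extracted from
 *             {@code param}
 * @throws RestartResponseAtInterceptPageException
 *             NOTE(review): not thrown by the code visible here (redirecting to the home page is
 *             only mentioned as an alternative in a comment) - confirm what
 *             {@code continueToOriginalDestination()} does when there is no page to continue to.
 */
protected boolean handleBasicAuthentication(WebRequest request, WebResponse response, String scheme,
        String param) throws LoginException {
    if (!"Basic".equalsIgnoreCase(scheme)) {
        return true;
    }
    if (param == null) {
        log.error("Username, password not supplied");
        return false;
    }

    // An explicit charset keeps decoding independent of the platform default.
    // NOTE(review): UTF-8 is assumed for the credentials - confirm against the clients in use.
    final java.nio.charset.Charset utf8 = java.nio.charset.Charset.forName("UTF-8");
    final byte[] decoded = Base64.decodeBase64(param.getBytes(utf8));
    final String credentials = new String(decoded, utf8);

    // Split at the FIRST colon only: the previous split(":") rejected passwords containing a
    // colon and silently dropped trailing colons from the password.
    final int separator = credentials.indexOf(':');
    // A missing separator or an empty password is rejected, as it was before this change.
    if (separator < 0 || separator == credentials.length() - 1) {
        throw new LoginException("Could not decrypt username / password");
    }
    final String username = credentials.substring(0, separator);
    final String password = credentials.substring(separator + 1);

    Object loginContext = getBasicLoginContext(username, password);
    Session session = Session.get();
    if (session instanceof WaspSession) {
        // NOTE(review): confirm that WaspSession.login(...) renews the session id on a
        // successful login; nothing in this method does so.
        if (!isAuthenticated()) {
            ((WaspSession) session).login(loginContext);
        }
        continueToOriginalDestination();
        // or throw new RestartResponseAtInterceptPageException(Application.get().getHomePage());
    } else {
        log.error("Unable to find WaspSession");
    }
    return false;
}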
From source file:org.wicketstuff.shiro.authz.ShiroUnauthorizedComponentListener.java
License:Apache License
/**
 * {@inheritDoc}
 * <p>
 * A subject that is not authenticated is sent to the login page as an intercept page; an
 * authenticated subject that lacks permission is sent to the unauthorized page.
 */
public void onUnauthorizedInstantiation(final Component component) {
    final boolean notLoggedIn = !SecurityUtils.getSubject().isAuthenticated();

    final Class<? extends Page> page;
    if (notLoggedIn) {
        page = loginPage;
    } else {
        page = unauthorizedPage;
    }

    if (annotationStrategy != null) {
        final ShiroSecurityConstraint fail =
                annotationStrategy.checkInvalidInstantiation(component.getClass());
        if (fail != null) {
            // NOTE(review): whatever these helpers return is discarded here; the redirect
            // target below is always the page chosen above - confirm that is intended.
            if (notLoggedIn) {
                addLoginMessagesAndGetPage(fail, component, page);
            } else {
                addUnauthorizedMessagesAndGetPage(fail, component, page);
            }
        }
    }

    if (notLoggedIn) {
        // the login page
        throw new RestartResponseAtInterceptPageException(page);
    }
    // the unauthorized page
    throw new RestartResponseException(page);
}
From source file:ro.nextreports.server.web.NextServerApplication.java
License:Apache License
/**
 * Installs the page authorization strategy: pages of type {@code SecurePage} require a signed-in
 * session, and the sign-in page is the CAS login page when CAS is used, the regular login page
 * otherwise.
 */
protected void addSecurityAuthorization() {
    final Class<? extends Page> signInPageClass =
            CasUtil.isCasUsed() ? CasLoginPage.class : LoginPage.class;

    IAuthorizationStrategy authStrategy =
            new SimplePageAuthorizationStrategy(SecurePage.class, signInPageClass) {

        /**
         * Reports whether the current session is signed in. With CAS in use, a session that is
         * not signed in gets one sign-in check; if that fails the request is redirected to the
         * CAS login URL.
         */
        @Override
        protected boolean isAuthorized() {
            if (NextServerSession.get().isSignedIn()) {
                return true;
            }
            if (!CasUtil.isCasUsed()) {
                return false;
            }

            LOG.debug("Checking if context contains CAS authentication");
            if (NextServerSession.get().checkForSignIn()) {
                return true;
            }

            String serviceUrl = CasUtil.getServiceProperties().getService();
            String loginUrl = CasUtil.getLoginUrl();
            LOG.debug("cas authentication: service URL: " + serviceUrl);
            // NOTE(review): serviceUrl is appended without URL-encoding, and loginUrl is
            // assumed to carry no query string of its own - confirm the configured values
            // are safe to embed this way.
            String redirectUrl = loginUrl + "?service=" + serviceUrl;
            LOG.debug("attempting to redirect to: " + redirectUrl);
            throw new RestartResponseAtInterceptPageException(new RedirectPage(redirectUrl));
        }
    };

    getSecuritySettings().setAuthorizationStrategy(authStrategy);
}
From source file:rzd.vivc.ideax.wicket.autorization.XAutorisationStrategy.java
/**
 * Redirects every unauthorized component instantiation to the login page, using it as an
 * intercept page.
 *
 * @param cmpnt
 *            the component whose instantiation was refused; not inspected here
 */
@Override
public void onUnauthorizedInstantiation(Component cmpnt) {
    // NOTE(review): the redirect is unconditional, so a user who is already logged in but
    // lacks permission is sent to the login page as well - confirm that is intended.
    throw new RestartResponseAtInterceptPageException(LoginE.class);
}