List of usage examples for org.apache.wicket.authorization IAuthorizationStrategy IAuthorizationStrategy
IAuthorizationStrategy
From source file:gr.abiss.calipso.wicket.CalipsoApplication.java
License:Open Source License
@Override public void init() { super.init(); // DEVELOPMENT or DEPLOYMENT RuntimeConfigurationType configurationType = this.getConfigurationType(); if (RuntimeConfigurationType.DEVELOPMENT.equals(configurationType)) { logger.info("You are in DEVELOPMENT mode"); // getResourceSettings().setResourcePollFrequency(Duration.ONE_SECOND); // getDebugSettings().setComponentUseCheck(true); getResourceSettings().setResourcePollFrequency(null); getDebugSettings().setComponentUseCheck(false); // getDebugSettings().setSerializeSessionAttributes(true); // getMarkupSettings().setStripWicketTags(false); // getExceptionSettings().setUnexpectedExceptionDisplay( // UnexpectedExceptionDisplay.SHOW_EXCEPTION_PAGE); // getAjaxSettings().setAjaxDebugModeEnabled(true); } else if (RuntimeConfigurationType.DEPLOYMENT.equals(configurationType)) { getResourceSettings().setResourcePollFrequency(null); getDebugSettings().setComponentUseCheck(false); // getDebugSettings().setSerializeSessionAttributes(false); // getMarkupSettings().setStripWicketTags(true); // getExceptionSettings().setUnexpectedExceptionDisplay( // UnexpectedExceptionDisplay.SHOW_INTERNAL_ERROR_PAGE); // getAjaxSettings().setAjaxDebugModeEnabled(false); }//from w w w . j a va 2 s. c o m // initialize velocity try { Velocity.init(); if (logger.isInfoEnabled()) { logger.info("Initialized Velocity engine"); } } catch (Exception e) { // TODO Auto-generated catch block logger.error("Failed to initialize velocity engine", e); } // Set custom page for internal errors getApplicationSettings().setInternalErrorPage(CalipsoErrorPage.class); // don't break down on missing resources getResourceSettings().setThrowExceptionOnMissingResource(false); // Redirect to PageExpiredError Page if current page is expired getApplicationSettings().setPageExpiredErrorPage(CalipsoPageExpiredErrorPage.class); // get hold of spring managed service layer (see BasePage, BasePanel etc // for how it is used) ServletContext sc = getServletContext(); applicationContext = WebApplicationContextUtils.getWebApplicationContext(sc); calipsoService = (CalipsoService) applicationContext.getBean("calipsoService"); calipsoPropertiesEditor = new CalipsoPropertiesEditor(); // check if acegi-cas authentication is being used, get reference to // object to be used // by wicket authentication to redirect to right pages for login / // logout try { calipsoCasProxyTicketValidator = (CalipsoCasProxyTicketValidator) applicationContext .getBean("casProxyTicketValidator"); logger.info("casProxyTicketValidator retrieved from application context: " + calipsoCasProxyTicketValidator); } catch (NoSuchBeanDefinitionException nsbde) { logger.info( "casProxyTicketValidator not found in application context, CAS single-sign-on is not being used"); } // delegate wicket i18n support to spring i18n getResourceSettings().getStringResourceLoaders().add(new IStringResourceLoader() { @Override public String loadStringResource(Class<?> clazz, String key, Locale locale, String style, String variation) { return applicationContext.getMessage(key, null, null, locale); } @Override public String loadStringResource(Component component, String key, Locale locale, String style, String variation) { return applicationContext.getMessage(key, null, null, locale); } }); // add DB i18n resources getResourceSettings().getStringResourceLoaders().add(new IStringResourceLoader() { @Override public String loadStringResource(Class<?> clazz, String key, Locale locale, String style, String variation) { if (StringUtils.isNotBlank(locale.getVariant())) { // always ignore the variant locale = new Locale(locale.getLanguage(), locale.getCountry()); } String lang = locale.getLanguage(); I18nStringResource resource = CalipsoApplication.this.calipsoService .loadI18nStringResource(new I18nStringIdentifier(key, lang)); if (resource == null && !lang.equalsIgnoreCase("en")) { resource = CalipsoApplication.this.calipsoService .loadI18nStringResource(new I18nStringIdentifier(key, "en")); } return resource != null ? resource.getValue() : null; } @Override public String loadStringResource(Component component, String key, Locale locale, String style, String variation) { locale = component == null ? Session.get().getLocale() : component.getLocale(); if (StringUtils.isNotBlank(locale.getVariant())) { // always ignore the variant locale = new Locale(locale.getLanguage(), locale.getCountry()); } String lang = locale.getLanguage(); I18nStringResource resource = CalipsoApplication.this.calipsoService .loadI18nStringResource(new I18nStringIdentifier(key, lang)); if (resource == null && !lang.equalsIgnoreCase("en")) { resource = CalipsoApplication.this.calipsoService .loadI18nStringResource(new I18nStringIdentifier(key, "en")); } return resource != null ? resource.getValue() : null; } }); // cache resources. resource cache is cleared when creating/updating a space getResourceSettings().getLocalizer().setEnableCache(true); getSecuritySettings().setAuthorizationStrategy(new IAuthorizationStrategy() { @Override public boolean isActionAuthorized(Component c, Action a) { return true; } @Override public boolean isInstantiationAuthorized(Class clazz) { if (BasePage.class.isAssignableFrom(clazz)) { if (((CalipsoSession) Session.get()).isAuthenticated()) { return true; } if (calipsoCasProxyTicketValidator != null) { // attempt CAS authentication // ========================== // logger.debug("checking if context contains CAS authentication"); Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication != null && authentication.isAuthenticated()) { // logger.debug("security context contains CAS authentication, initializing session"); ((CalipsoSession) Session.get()).setUser((User) authentication.getPrincipal()); return true; } } // attempt remember-me auto login // ========================== if (attemptRememberMeAutoLogin()) { return true; } // attempt *anonymous* guest access if there are // spaces that allow it if (((CalipsoSession) Session.get()).getUser() == null) { List<Space> anonymousSpaces = getCalipso().findSpacesWhereAnonymousAllowed(); if (anonymousSpaces.size() > 0) { // logger.debug("Found "+anonymousSpaces.size() // + // " anonymousSpaces allowing ANONYMOUS access, initializing anonymous user"); User guestUser = new User();//getCalipso().loadUser(2); guestUser.setLoginName("guest"); guestUser.setName("Anonymous"); guestUser.setLastname("Guest"); guestUser.setLocale(Session.get().getLocale().getLanguage()); getCalipso().initImplicitRoles(guestUser, anonymousSpaces, RoleType.ANONYMOUS); // store user in session ((CalipsoSession) Session.get()).setUser(guestUser); return true; } else { if (logger.isDebugEnabled()) { // logger.debug("Found no public spaces."); } } } // allow registration if (clazz.equals(RegisterUserFormPage.class)) { return true; } // not authenticated, go to login page // logger.debug("not authenticated, forcing login, page requested was " // + clazz.getName()); if (calipsoCasProxyTicketValidator != null) { String serviceUrl = calipsoCasProxyTicketValidator.getLoginUrl(); // .getServiceProperties().getService(); String loginUrl = calipsoCasProxyTicketValidator.getLoginUrl(); // logger.debug("cas authentication: service URL: " // + serviceUrl); String redirectUrl = loginUrl + "?service=" + serviceUrl; // logger.debug("attempting to redirect to: " + // redirectUrl); throw new RestartResponseAtInterceptPageException(new RedirectPage(redirectUrl)); } else { throw new RestartResponseAtInterceptPageException(LoginPage.class); } } return true; } }); // TODO: create friendly URLs for all created pages // friendly URLs for selected pages if (calipsoCasProxyTicketValidator != null) { mountPage("/login", CasLoginPage.class); } else { mountPage("/login", LoginPage.class); } mountPage("/register", RegisterAnonymousUserFormPage.class); mountPage("/logout", LogoutPage.class); mountPage("/svn", SvnStatsPage.class); mountPage("/test", TestPage.class); mountPage("/casError", CasLoginErrorPage.class); mountPage("/item/", ItemViewPage.class); mountPage("/item/${itemId}", ItemViewPage.class); mountPage("/itemreport/", ItemTemplateViewPage.class); mountPage("/newItem/${spaceCode}", NewItemPage.class); // MixedParamUrlCodingStrategy newItemUrls = new MixedParamUrlCodingStrategy( // "/newItem", // NewItemPage.class, // new String[]{"spaceCode"} // ); // mount(newItemUrls); //fix for tinyMCE bug, see https://github.com/wicketstuff/core/issues/113 SecurePackageResourceGuard guard = (SecurePackageResourceGuard) getResourceSettings() .getPackageResourceGuard(); guard.addPattern("+*.htm"); this.getRequestCycleSettings().setTimeout(Duration.minutes(6)); this.getPageSettings().setVersionPagesByDefault(true); this.getExceptionSettings().setThreadDumpStrategy(ThreadDumpStrategy.THREAD_HOLDING_LOCK); }
From source file:info.jtrac.wicket.JtracApplication.java
License:Apache License
@Override public void init() { super.init(); /*//from www .j a va2 s.c om * Get hold of spring managed service layer (see BasePage, BasePanel, * etc. for how it is used). */ ServletContext sc = getServletContext(); applicationContext = WebApplicationContextUtils.getWebApplicationContext(sc); jtrac = (Jtrac) applicationContext.getBean("jtrac"); /* * Check if acegi-cas authentication is being used, get reference to * object to be used by Wicket authentication to redirect to right * pages for login/logout. */ try { jtracCasProxyTicketValidator = (JtracCasProxyTicketValidator) applicationContext .getBean("casProxyTicketValidator"); logger.info("casProxyTicketValidator retrieved from application " + "context: " + jtracCasProxyTicketValidator); } catch (NoSuchBeanDefinitionException nsbde) { logger.debug(nsbde.getMessage()); logger.info("casProxyTicketValidator not found in application " + "context, CAS single-sign-on is not being used"); } /* * Delegate Wicket i18n support to spring i18n */ getResourceSettings().addStringResourceLoader(new IStringResourceLoader() { /* (non-Javadoc) * @see org.apache.wicket.resource.loader.IStringResourceLoader#loadStringResource(java.lang.Class, java.lang.String, java.util.Locale, java.lang.String) */ @Override public String loadStringResource(@SuppressWarnings("rawtypes") Class clazz, String key, Locale locale, String style) { try { return applicationContext.getMessage(key, null, locale == null ? Session.get().getLocale() : locale); } catch (Exception e) { /* * For performance, Wicket expects null instead of * throwing an exception and Wicket may try to * re-resolve using prefixed variants of the key. */ return null; } } /* (non-Javadoc) * @see org.apache.wicket.resource.loader.IStringResourceLoader#loadStringResource(org.apache.wicket.Component, java.lang.String) */ @Override public String loadStringResource(Component component, String key) { String value = loadStringResource(null, key, component == null ? null : component.getLocale(), null); if (logger.isDebugEnabled() && value == null) { logger.debug("i18n failed for key: '" + key + "', component: " + component); } return value; } }); getSecuritySettings().setAuthorizationStrategy(new IAuthorizationStrategy() { /* (non-Javadoc) * @see org.apache.wicket.authorization.IAuthorizationStrategy#isActionAuthorized(org.apache.wicket.Component, org.apache.wicket.authorization.Action) */ @Override public boolean isActionAuthorized(Component c, Action a) { return true; } /* (non-Javadoc) * @see org.apache.wicket.authorization.IAuthorizationStrategy#isInstantiationAuthorized(java.lang.Class) */ @Override public boolean isInstantiationAuthorized(@SuppressWarnings("rawtypes") Class clazz) { if (BasePage.class.isAssignableFrom(clazz)) { if (JtracSession.get().isAuthenticated()) { return true; } if (jtracCasProxyTicketValidator != null) { /* * ============================================ * Attempt CAS authentication * ============================================ */ logger.debug("checking if context contains CAS authentication"); Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication != null && authentication.isAuthenticated()) { logger.debug("security context contains CAS authentication, initializing session"); JtracSession.get().setUser((User) authentication.getPrincipal()); return true; } } /* * ================================================ * Attempt remember-me auto login * ================================================ */ if (attemptRememberMeAutoLogin()) { return true; } /* * ================================================= * Attempt guest access if there are "public" spaces * ================================================= */ List<Space> spaces = getJtrac().findSpacesWhereGuestAllowed(); if (spaces.size() > 0) { logger.debug(spaces.size() + " public space(s) available, initializing guest user"); User guestUser = new User(); guestUser.setLoginName("guest"); guestUser.setName("Guest"); for (Space space : spaces) { guestUser.addSpaceWithRole(space, Role.ROLE_GUEST); } JtracSession.get().setUser(guestUser); // and proceed return true; } /* * Not authenticated, go to login page. */ logger.debug("not authenticated, forcing login, " + "page requested was " + clazz.getName()); if (jtracCasProxyTicketValidator != null) { String serviceUrl = jtracCasProxyTicketValidator.getServiceProperties().getService(); String loginUrl = jtracCasProxyTicketValidator.getLoginUrl(); logger.debug("cas authentication: service URL: " + serviceUrl); String redirectUrl = loginUrl + "?service=" + serviceUrl; logger.debug("attempting to redirect to: " + redirectUrl); throw new RestartResponseAtInterceptPageException(new RedirectPage(redirectUrl)); } else { throw new RestartResponseAtInterceptPageException(LoginPage.class); } } return true; } }); /* * Friendly URLs for selected pages */ if (jtracCasProxyTicketValidator != null) { mountBookmarkablePage("/login", CasLoginPage.class); /* * This matches the value set in: * WEB-INF/applicationContext-acegi-cas.xml */ mountBookmarkablePage("/cas/error", CasLoginErrorPage.class); } else { mountBookmarkablePage("/login", LoginPage.class); } mountBookmarkablePage("/logout", LogoutPage.class); mountBookmarkablePage("/svn", SvnStatsPage.class); mountBookmarkablePage("/options", OptionsPage.class); mountBookmarkablePage("/item/form", ItemFormPage.class); /* * Bookmarkable URL for search and search results */ mount(new QueryStringUrlCodingStrategy("/item/search", ItemSearchFormPage.class)); mount(new QueryStringUrlCodingStrategy("/item/list", ItemListPage.class)); /* * Bookmarkable URL for viewing items */ mount(new IndexedParamUrlCodingStrategy("/item", ItemViewPage.class)); }
From source file:jp.go.nict.langrid.management.web.view.ServiceManagerApplication.java
License:Open Source License
@Override protected void init() { setSpringSettings();/*from w w w . j av a2 s. com*/ try { MessageUtil.setContext(getServletContext()); } catch (ParameterRequiredException e) { e.printStackTrace(); LogWriter.writeError("Service Manager System", e, ServiceManagerApplication.class, "Service Manager can't initialized."); } getPageSettings().setAutomaticMultiWindowSupport(true); /** When rendered page, Comments are striped in page. **/ getMarkupSettings().setStripComments(true); getRequestCycleSettings().setResponseRequestEncoding("UTF-8"); getApplicationSettings().setInternalErrorPage(RequestResponseUtil.getPageClassForErrorRequest()); getApplicationSettings().setPageExpiredErrorPage(RequestResponseUtil.getPageClassForSessionTimeOut()); getSecuritySettings().setCryptFactory(new KeyInSessionSunJceCryptFactory()); getSecuritySettings().setAuthorizationStrategy(new IAuthorizationStrategy() { public boolean isActionAuthorized(Component component, Action action) { return true; } public boolean isInstantiationAuthorized(Class componentClass) { if (!ServiceManagerPage.class.isAssignableFrom(componentClass)) { return true; } if (NewsLogOutPage.class.isAssignableFrom(componentClass) || NodeListLogOutPage.class.isAssignableFrom(componentClass) || LanguageResourcesLogOutPage.class.isAssignableFrom(componentClass) || LanguageServiceLogOutPage.class.isAssignableFrom(componentClass) || LanguageGridUsersLogOutPage.class.isAssignableFrom(componentClass) || OverviewLogOutPage.class.isAssignableFrom(componentClass) || LoginPage.class.isAssignableFrom(componentClass) || LanguageResourceProfilePage.class.isAssignableFrom(componentClass) || ServiceProfilePage.class.isAssignableFrom(componentClass) || LanguageInputFormPopupPage.class.isAssignableFrom(componentClass) || NodeProfilePage.class.isAssignableFrom(componentClass) || UserProfilePage.class.isAssignableFrom(componentClass) || OperatersOfConnectedLanguageGridLogOutPage.class.isAssignableFrom(componentClass) || ExpiredPasswordChangePage.class.isAssignableFrom(componentClass) || ProtocolsOfServiceLogOutPage.class.isAssignableFrom(componentClass) || ServiceTypeListLogOutPage.class.isAssignableFrom(componentClass) || ServiceTypeProfilePage.class.isAssignableFrom(componentClass) || MonitoringLanguageServicePublicLogOutPage.class.isAssignableFrom(componentClass) || MonitoringLanguageServiceStatisticPublicLogOutPage.class.isAssignableFrom(componentClass) || ManualLogOutPage.class.isAssignableFrom(componentClass) || RequestResponseUtil.getPageClassForErrorRequest().isAssignableFrom(componentClass) || RequestResponseUtil.getPageClassForErrorPopupRequest() .isAssignableFrom(componentClass)) { return true; } if (!((ServiceManagerSession) Session.get()).isLoginedAccess()) { throw new RestartResponseAtInterceptPageException(LoginPage.class); } if (!((ServiceManagerSession) Session.get()).isLogin()) { throw new RestartResponseAtInterceptPageException( RequestResponseUtil.getPageClassForSessionTimeOut()); } return true; } }); // bookmarkable pages mount(new QueryStringUrlCodingStrategy("/login", LoginPage.class)); mount(new QueryStringUrlCodingStrategy("/overview", OverviewLogOutPage.class)); mount(new QueryStringUrlCodingStrategy("/news", NewsLogOutPage.class)); mount(new QueryStringUrlCodingStrategy("/service-monitoring", MonitoringLanguageServicePublicLogOutPage.class)); mount(new QueryStringUrlCodingStrategy("/service-type", ServiceTypeListLogOutPage.class)); mount(new QueryStringUrlCodingStrategy("/users", LanguageGridUsersLogOutPage.class)); mount(new QueryStringUrlCodingStrategy("/language-resources", LanguageResourcesLogOutPage.class)); mount(new QueryStringUrlCodingStrategy("/language-services", LanguageServiceLogOutPage.class)); mount(new QueryStringUrlCodingStrategy("/computation-resources", NodeListLogOutPage.class)); mount(new MixedParamUrlCodingStrategy("/language-services/profile", ServiceProfilePage.class, new String[] { "gridId", "id" })); mount(new QueryStringUrlCodingStrategy("/users/profile", UserProfilePage.class)); mount(new MixedParamUrlCodingStrategy("/language-resources/profile", LanguageResourceProfilePage.class, new String[] { "gridId", "id" })); mount(new MixedParamUrlCodingStrategy("/computation-resources/profile", NodeProfilePage.class, new String[] { "gridId", "id" })); mount(new MixedParamUrlCodingStrategy("/service-type/profile", ServiceTypeProfilePage.class, new String[] { "domainId", "id" })); String selfGridId = new ServletContextParameterContext(getServletContext()).getValue("langrid.node.gridId"); if (selfGridId == null) throw new RuntimeException("failed to initialize service manager."); ServiceFactory.getInstance().getGridService().setSelfGridId(selfGridId); }
From source file:main.java.info.jtrac.wicket.JtracApplication.java
License:Apache License
@Override public void init() { super.init(); // get hold of spring managed service layer (see BasePage, BasePanel etc for how it is used) ServletContext sc = getServletContext(); // applicationContext = WebApplicationContextUtils.getWebApplicationContext(sc); jtrac = (Jtrac) applicationContext.getBean("jtrac"); // check if acegi-cas authentication is being used, get reference to object to be used // by wicket authentication to redirect to right pages for login / logout try {/*from ww w .ja v a 2 s . c o m*/ jtracCasProxyTicketValidator = (JtracCasProxyTicketValidator) applicationContext .getBean("casProxyTicketValidator"); logger.info( "casProxyTicketValidator retrieved from application context: " + jtracCasProxyTicketValidator); } catch (NoSuchBeanDefinitionException nsbde) { logger.info( "casProxyTicketValidator not found in application context, CAS single-sign-on is not being used"); } // delegate wicket i18n support to spring i18n getResourceSettings().addStringResourceLoader(new IStringResourceLoader() { public String loadStringResource(Class clazz, String key, Locale locale, String style) { try { return applicationContext.getMessage(key, null, locale); } catch (Exception e) { // have to return null so that wicket can try to resolve again // e.g. without prefixing component id etc. if (logger.isDebugEnabled()) { logger.debug("i18n failed for key: '" + key + "', Class: " + clazz + ", Style: " + style + ", Exception: " + e); } return null; } } public String loadStringResource(Component component, String key) { Class clazz = component == null ? null : component.getClass(); Locale locale = component == null ? Session.get().getLocale() : component.getLocale(); return loadStringResource(clazz, key, locale, null); } }); getSecuritySettings().setAuthorizationStrategy(new IAuthorizationStrategy() { public boolean isActionAuthorized(Component c, Action a) { return true; } public boolean isInstantiationAuthorized(Class clazz) { if (BasePage.class.isAssignableFrom(clazz)) { if (((JtracSession) Session.get()).isAuthenticated()) { return true; } if (jtracCasProxyTicketValidator != null) { // attempt CAS authentication ========================== logger.debug("checking if context contains CAS authentication"); Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication != null && authentication.isAuthenticated()) { logger.debug("security context contains CAS authentication, initializing session"); ((JtracSession) Session.get()).setUser((User) authentication.getPrincipal()); return true; } } // attempt remember-me auto login ========================== if (attemptRememberMeAutoLogin()) { return true; } // attempt guest access if there are "public" spaces ======= List<Space> spaces = getJtrac().findSpacesWhereGuestAllowed(); if (spaces.size() > 0) { logger.debug(spaces.size() + " public space(s) available, initializing guest user"); User guestUser = new User(); guestUser.setLoginName("guest"); guestUser.setName("Guest"); guestUser.addSpaceWithRole(null, "ROLE_GUEST"); for (Space space : spaces) { guestUser.addSpaceWithRole(space, "ROLE_GUEST"); } ((JtracSession) Session.get()).setUser(guestUser); // and proceed return true; } // not authenticated, go to login page logger.debug("not authenticated, forcing login, page requested was " + clazz.getName()); if (jtracCasProxyTicketValidator != null) { String serviceUrl = jtracCasProxyTicketValidator.getServiceProperties().getService(); String loginUrl = jtracCasProxyTicketValidator.getLoginUrl(); logger.debug("cas authentication: service URL: " + serviceUrl); String redirectUrl = loginUrl + "?service=" + serviceUrl; logger.debug("attempting to redirect to: " + redirectUrl); throw new RestartResponseAtInterceptPageException(new RedirectPage(redirectUrl)); } else { throw new RestartResponseAtInterceptPageException(LoginPage.class); } } return true; } }); // friendly urls for selected pages if (jtracCasProxyTicketValidator != null) { mountBookmarkablePage("/login", CasLoginPage.class); } else { mountBookmarkablePage("/login", LoginPage.class); } mountBookmarkablePage("/logout", LogoutPage.class); mountBookmarkablePage("/svn", SvnStatsPage.class); mountBookmarkablePage("/test", TestPage.class); mountBookmarkablePage("/casError", CasLoginErrorPage.class); // bookmarkable url for viewing items mount(new IndexedParamUrlCodingStrategy("/item", ItemViewPage.class)); }