当前位置: 文江博客话题详情

如何使用 Wicket 密码保护页面?

发布于 2024-09-03 07:34:04 字数 125 浏览 4 评论 0原文

我想用密码保护 Wicket 中的网页,以便用户只有在登录后才能访问它。

我还希望该页面显示登录页面,然后在登录原始页面后,用户尝试到达。

这是如何用检票口完成的?我已经创建了一个登录页面并扩展了会话类。

原文

I want to password protect a webpage in Wicket so the user may only access it if he/she has logged in.

I'd also like the page to show the login page, and then after logging in the original page the user was trying to get to.

How is this done with wicket? I've already created a login page and extended the session class.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

友谊不毕业 2024-09-10 07:34:04

框架提供的方式是提供一个 IAuthorizationStrategy 您的应用程序的实例,例如,通过添加到您的应用程序 init() 方法:

init() {
    ...
    getSecuritySettings().setAuthorizationStrategy(...)
}

Wicket 授权功能的工作示例位于 Wicket Stuff 这里,它演示了一些相当复杂的东西。对于非常简单的情况,请查看 简单页面授权策略。在非常基本的层面上,这可以像这样使用(取自链接的 Javadoc):

SimplePageAuthorizationStrategy authorizationStrategy = new SimplePageAuthorizationStrategy(
    MySecureWebPage.class, MySignInPage.class)
 {
        protected boolean isAuthorized()
        {
            // Authorize access based on user authentication in the session
            return (((MySession)Session.get()).isSignedIn());
        }
 };
 getSecuritySettings().setAuthorizationStrategy(authorizationStrategy);

编辑以响应评论

我认为最好的方法是,如果您只是要使用类似 < code>SimplePageAuthorizationStrategy 而不是该类本身。我做了这样的事情来捕获使用自定义注释进行注释的页面:

IAuthorizationStrategy authorizationStrategy = new AbstractPageAuthorizationStrategy()
 {
        protected boolean isPageAuthorized(java.lang.Class<Page.class> pageClass)
        {
            if (pageClass.getAnnotation(Protected.class) != null) {
                return (((MySession)Session.get()).isSignedIn());
            } else {
                return true;
            }
        }
 };

然后您需要注册 IUnauthorizedComponentInstantiationListener 类似于 SimplePageAuthorizationStrategy (链接到源代码),应该类似于:

new IUnauthorizedComponentInstantiationListener()
{
    public void onUnauthorizedInstantiation(final Component component)
    {
    if (component instanceof Page)
    {
        throw new RestartResponseAtInterceptPageException(MySignInPage.class);
    }
    else
    {
        throw new UnauthorizedInstantiationException(component.getClass());
    }
    }
});

The framework-supplied way is to provide an IAuthorizationStrategy instance for your application, e.g., by adding to your Application init() method:

init() {
    ...
    getSecuritySettings().setAuthorizationStrategy(...)
}

A working example of Wickets authorization functionality is on Wicket Stuff here, which demonstrates some reasonably complex stuff. For really simple cases, have a look at the SimplePageAuthorizationStrategy. At a very basic level, this could be used like so (taken from the linked Javadoc):

SimplePageAuthorizationStrategy authorizationStrategy = new SimplePageAuthorizationStrategy(
    MySecureWebPage.class, MySignInPage.class)
 {
        protected boolean isAuthorized()
        {
            // Authorize access based on user authentication in the session
            return (((MySession)Session.get()).isSignedIn());
        }
 };
 getSecuritySettings().setAuthorizationStrategy(authorizationStrategy);

Edit in response to comment

I think the best way forward, if you're just going to use something like SimplePageAuthorizationStrategy rather than that class itself. I did something like this to capture pages that are annotated with a custom annotation:

IAuthorizationStrategy authorizationStrategy = new AbstractPageAuthorizationStrategy()
 {
        protected boolean isPageAuthorized(java.lang.Class<Page.class> pageClass)
        {
            if (pageClass.getAnnotation(Protected.class) != null) {
                return (((MySession)Session.get()).isSignedIn());
            } else {
                return true;
            }
        }
 };

Then you'd need to register an IUnauthorizedComponentInstantiationListener similar to what is done in SimplePageAuthorizationStrategy (link is to the source code), which should be something like:

new IUnauthorizedComponentInstantiationListener()
{
    public void onUnauthorizedInstantiation(final Component component)
    {
    if (component instanceof Page)
    {
        throw new RestartResponseAtInterceptPageException(MySignInPage.class);
    }
    else
    {
        throw new UnauthorizedInstantiationException(component.getClass());
    }
    }
});
回复 原文
~没有更多了~

关于作者

吃兔兔

暂无简介

0 文章
0 评论
24 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

爱人如己

文章 0 评论 0

萧瑟寒风

文章 0 评论 0

云雾

文章 0 评论 0

倒带

文章 0 评论 0

浮世清欢

文章 0 评论 0

撩起发的微风

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文