Package org.apache.wicket.settings

Class SecuritySettings

  • public class SecuritySettings
extends java.lang.Object
    Class for security related settings
    Author:
    Jonathan Locke, Chris Turner, Eelco Hillenius, Juergen Donnerstag, Johan Compagner, Igor Vaynberg (ivaynberg), Martijn Dashorst, James Carman

    • Field Detail

      • DEFAULT_ENCRYPTION_KEY

        public static final java.lang.String DEFAULT_ENCRYPTION_KEY
        encryption key used by default crypt factory
        See Also:
        Constant Field Values

    • Constructor Detail

      • SecuritySettings

        public SecuritySettings()

    • Method Detail

      • getAuthorizationStrategy

        public IAuthorizationStrategy getAuthorizationStrategy()
        Gets the authorization strategy.
        Returns:
        Returns the authorizationStrategy.

      • getCryptFactory

        public org.apache.wicket.util.crypt.ICryptFactory getCryptFactory()
        Note: Prints a warning to stderr if no factory was set and DEFAULT_ENCRYPTION_KEY is used instead.
        Returns:
        crypt factory used to generate crypt objects

      • getEnforceMounts

        public boolean getEnforceMounts()
        Gets whether page mounts should be enforced. If true, requests for a page will be allowed only if the page has been explicitly mounted in MyApplication#init(). This setting basically disables BookmarkableMapper
        Returns:
        Whether mounts should be enforced

      • setAuthorizationStrategy

        public SecuritySettings setAuthorizationStrategy​(IAuthorizationStrategy strategy)
        Sets the authorization strategy.
        Parameters:
        strategy - new authorization strategy
        Returns:
        this object for chaining

      • setCryptFactory

        public SecuritySettings setCryptFactory​(org.apache.wicket.util.crypt.ICryptFactory cryptFactory)
        Sets the factory that will be used to create crypt objects. The crypt object returned from the first call is cached.
        Parameters:
        cryptFactory -
        Returns:
        this object for chaining

      • setEnforceMounts

        public SecuritySettings setEnforceMounts​(boolean enforce)
        Sets whether mounts should be enforced. If true, requests for mounted targets have to done through the mounted paths. If, for instance, a bookmarkable page is mounted to a path, a request to that same page via the bookmarkablePage parameter will be denied.
        Parameters:
        enforce - Whether mounts should be enforced
        Returns:
        this object for chaining

      • getUnauthorizedResourceRequestListener

        public IUnauthorizedResourceRequestListener getUnauthorizedResourceRequestListener()
        Returns:
        The listener that will be used when a request to an IResource is not allowed for some reason

      • setUnauthorizedResourceRequestListener

        public SecuritySettings setUnauthorizedResourceRequestListener​(IUnauthorizedResourceRequestListener listener)
        Sets a listener that will be used when a request to an IResource is not allowed for some reason
        Parameters:
        listener - The listener
        Returns:
        this object for chaining

      • getAuthenticationStrategy

        public IAuthenticationStrategy getAuthenticationStrategy()
        Gets the authentication strategy.
        Returns:
        Returns the authentication strategy.

      • setAuthenticationStrategy

        public SecuritySettings setAuthenticationStrategy​(IAuthenticationStrategy strategy)
        Sets the authentication strategy.
        Parameters:
        strategy - new authentication strategy
        Returns:
        this object for chaining