WicketSampleBasePage.java
/*
* © 2023 iamfortress.net
*/
package org.rbacabac;
import org.apache.directory.fortress.core.*;
import org.apache.directory.fortress.core.SecurityException;
import org.apache.directory.fortress.core.model.RoleConstraint;
import org.apache.directory.fortress.core.model.User;
import org.apache.directory.fortress.realm.J2eePolicyMgr;
import org.apache.directory.fortress.web.control.SecUtils;
import org.apache.directory.fortress.core.model.Session;
import org.apache.directory.fortress.web.control.FtBookmarkablePageLink;
import org.apache.directory.fortress.web.control.WicketSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.apache.wicket.Component;
import org.apache.wicket.ajax.AjaxRequestTarget;
import org.apache.wicket.extensions.ajax.markup.html.IndicatingAjaxButton;
import org.apache.wicket.markup.html.WebPage;
import org.apache.wicket.markup.html.basic.Label;
import org.apache.wicket.markup.html.form.Form;
import org.apache.wicket.markup.html.form.TextField;
import org.apache.wicket.markup.html.link.Link;
import org.apache.wicket.model.Model;
import org.apache.wicket.spring.injection.annot.SpringBean;
import jakarta.servlet.http.HttpServletRequest;
import java.security.Principal;
import java.util.ArrayList;
import java.util.List;
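/**
 * Base page for the RbacAbac sample project.
 * <p>
 * Adds the logout link, the links to the teller and washer pages, and the branch login
 * form to every page. It also holds the helpers the child pages use to read the
 * authenticated user id, read the current branch id, and report a message to the user.
 * <p>
 * Security-relevant points for maintainers:
 * <ul>
 * <li>The branch id is free text typed by the user. It ends up in a Fortress role
 * constraint, in the application log and in a script sent to the browser, so it is
 * treated as untrusted at each of those sinks.</li>
 * <li>{@link #initializeSession(Component, String, String)} creates the Fortress session
 * in trusted mode; the user id handed to it must come from the container.</li>
 * </ul>
 *
 * @author Shawn McKinney
 * @version $Rev$
 */
public abstract class WicketSampleBasePage extends WebPage
{
    protected static final Logger LOG = LoggerFactory.getLogger( WicketSampleBasePage.class.getName() );

    // The access management APIs:
    @SpringBean
    private AccessMgr accessMgr;
    @SpringBean
    private J2eePolicyMgr j2eePolicyMgr;

    public WicketSampleBasePage()
    {
        final Link<Void> actionLink = new Link<Void>( "logout.link" )
        {
            @Override
            public void onClick()
            {
                // Invalidate the container session and the Wicket session, then return to the login page.
                HttpServletRequest servletReq = ( HttpServletRequest ) getRequest().getContainerRequest();
                servletReq.getSession().invalidate();
                getSession().invalidate();
                setResponsePage( LoginPage.class );
            }
        };
        add( actionLink );
        // 'Secured' links.
        // NOTE(review): presumably FtBookmarkablePageLink is shown only when the session holds the
        // matching permission; confirm against fortress-web. Hiding a link is not an access check,
        // so the target pages must enforce the permission as well.
        add( new FtBookmarkablePageLink( "tellerspage.link", TellersPage.class ) );
        add( new FtBookmarkablePageLink( "washerspage.link", WashersPage.class ) );
        add( new UsersForm( "usersForm" ) );
        add( new Label( "footer", "© 2023 iamfortress.net" ) );
        add( new Label( "infoField" ) );
    }

    /**
     * Branch login form: one free-text branch field and an Ajax submit button.
     */
    public class UsersForm extends Form<Void>
    {
        private final TextField<String> branchField;

        public UsersForm( String id )
        {
            super( id );
            branchField = new TextField<>( "branch", Model.of( "" ) );
            add( branchField );
            // Not a secured button b/c in this sample, any authorized app user may attempt branch logins:
            add( new IndicatingAjaxButton( "branch.login" )
            {
                @Override
                protected void onSubmit( AjaxRequestTarget target )
                {
                    // Untrusted input: the value is whatever the user typed.
                    // NOTE(review): an empty field may arrive as null; consider rejecting null/blank
                    // values and checking the value against the known branch ids before use.
                    String branch = branchField.getModelObject();
                    initializeSession( this, getUserid(), branch );
                    logIt( target, "Login to Branch: " + branch );
                    setResponsePage( HomePage.class );
                }
            } );
        }
    }

    /**
     * Returns the name of the principal the servlet container authenticated for this request.
     *
     * @return the authenticated user id
     * @throws IllegalStateException if the request carries no user principal
     */
    protected String getUserid()
    {
        HttpServletRequest servletReq = ( HttpServletRequest ) getRequest().getContainerRequest();
        Principal principal = servletReq.getUserPrincipal();
        if ( principal == null )
        {
            // Fail closed with a clear message instead of a bare NullPointerException.
            throw new IllegalStateException( "No authenticated principal on the request" );
        }
        return principal.getName();
    }

    /**
     * Returns the branch id that {@link #initializeSession(Component, String, String)} stored
     * in the Wicket session under the {@code branchId} attribute.
     *
     * @return the stored branch id
     */
    protected String getBranchId()
    {
        return ( String ) ( WicketSession.get() ).getAttribute( "branchId" );
    }

    /**
     * Used by the child pages: records the message as a feedback message, writes it to the
     * log, and shows it in a browser alert.
     * <p>
     * Callers build {@code msg} from user input (the branch id), so it is escaped before it
     * is placed inside the JavaScript string literal, and line breaks are neutralised before
     * it is written to the log.
     *
     * @param target for modal panel
     * @param msg to log and display user info
     */
    protected void logIt( AjaxRequestTarget target, String msg )
    {
        info( msg );
        LOG.info( "{}", sanitizeForLog( msg ) );
        target.appendJavaScript( ";alert('" + escapeForJsString( msg ) + "');" );
    }

    /**
     * Creates the Fortress RBAC session for the user with the branch as a role constraint,
     * attaches it to the Wicket session, stores the branch id, and loads the permissions.
     * <p>
     * The session is created with the trusted flag set ({@code true}).
     * NOTE(review): in trusted mode Fortress is expected to skip the password check and rely
     * on the caller having authenticated the user; confirm against the AccessMgr Javadoc.
     * Because this method is public, every caller must pass only the container-authenticated
     * user id (see {@link #getUserid()}), never a value taken from request input.
     *
     * @param component component handed to {@code SecUtils.getPermissions}
     * @param userId id of the already-authenticated user
     * @param branchId branch the user is logging in to; used as the value of the
     *                 {@code locale} role constraint
     * @throws RuntimeException wrapping the Fortress {@code SecurityException} when the
     *                          session cannot be created
     */
    public void initializeSession( Component component, String userId, String branchId )
    {
        WicketSession wicketSession = ( WicketSession ) WicketSession.get();
        synchronized ( wicketSession )
        {
            LOG.info( "Session user: {}", sanitizeForLog( userId ) );
            User user = new User( userId );
            RoleConstraint constraint = new RoleConstraint();
            constraint.setKey( "locale" );
            constraint.setValue( branchId );
            List<RoleConstraint> constraints = new ArrayList<>();
            constraints.add( constraint );
            Session session;
            try
            {
                session = accessMgr.createSession( user, constraints, true );
            }
            catch ( SecurityException se )
            {
                throw new RuntimeException( se );
            }
            // Retrieve user permissions and attach RBAC session to Wicket session:
            wicketSession.setSession( session );
            wicketSession.setAttribute( "branchId", branchId );
            SecUtils.getPermissions( component, accessMgr );
        }
    }

    /**
     * Escapes text for use inside a quoted JavaScript string literal.
     * Quotes, backslashes and line breaks are backslash-escaped; other control characters,
     * markup characters and the U+2028/U+2029 separators are written as {@code \\uXXXX}.
     */
    private static String escapeForJsString( String text )
    {
        String raw = String.valueOf( text );
        StringBuilder out = new StringBuilder( raw.length() + 16 );
        for ( int i = 0; i < raw.length(); i++ )
        {
            char c = raw.charAt( i );
            switch ( c )
            {
                case '\\':
                    out.append( "\\\\" );
                    break;
                case '\'':
                    out.append( "\\'" );
                    break;
                case '"':
                    out.append( "\\\"" );
                    break;
                case '\n':
                    out.append( "\\n" );
                    break;
                case '\r':
                    out.append( "\\r" );
                    break;
                case '\t':
                    out.append( "\\t" );
                    break;
                default:
                    boolean needsHexEscape = c < 0x20 || c == '<' || c == '>' || c == '&'
                        || c == 0x2028 || c == 0x2029;
                    if ( needsHexEscape )
                    {
                        out.append( String.format( "\\u%04x", ( int ) c ) );
                    }
                    else
                    {
                        out.append( c );
                    }
                    break;
            }
        }
        return out.toString();
    }

    /**
     * Replaces carriage returns and line feeds so a value cannot start a forged log entry.
     */
    private static String sanitizeForLog( String text )
    {
        return String.valueOf( text ).replace( '\r', '_' ).replace( '\n', '_' );
    }
}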