views:

153

answers:

1

I am trying to implement a simple authorization strategy for my Wicket application. I am implemented my own AuthorizationStrategy (extending IAuthorizationStrategy).

http://old.nabble.com/Authorization-strategy-help-td18948597.html After reading the above link, I figured it makes more sense to use metadata-driven authorization than one using Annotations.

So I have a simple RoleCheck class

public class RoleCheck {

private String privilege;

public RoleCheck(String priv) { this.privilege = priv; }

public void setPrivilege(String privilege) { this.privilege = privilege; }

public String getPrivilege() { return privilege; }

}

I add it a component public static MetaDataKey priv = new MetaDataKey() {}; editLink.setMetaData(priv, new RoleCheck("Update"));

And in my Authorization Strategy class, I try to get the metadata associated with the component

public boolean isActionAuthorized(Component component, Action action) { if (action.equals(Component.RENDER)) { RoleCheck privCheck = (RoleCheck) component.getMetaData(EditControlToolBar.priv); if (privCheck != null) { ... } }

However the getMetaData gives an error "Bound mismatch: The generic method getMetaData(MetaDataKey) of type Component is not applicable for the arguments (MetaDataKey). The inferred type RoleCheck is not a valid substitute for the bounded parameter "

Any help would be appreciated. Thank you

A: 

Your RoleCheck class should implement Serializable.

And are you using Wicket 1.4 ? In which case I'd suggest proceeding this way :

public class RolePermissionKey extends MetaDataKey<RoleCheck> {
    public static final RolePermissionKey KEY = new RolePermissionKey();
}

To add it to a componenet :

editLink.setMetaData(RolePermissionKey.KEY, new RoleCheck("Update"));

And to perform the authorization :

RoleCheck privCheck = component.getMetaData(RolePermissionKey.KEY)
Jawher
Thank you. This was exactly what I was looking for. I missed making the RoleCheck serializable! (Duh!)
JGirl