Discussion:
Wanted: example for Spring Security with wicket-auth-roles
Tom Götz
2018-04-18 14:58:10 UTC
Permalink
Hi!

Does anyone have a working example for an integration of Spring Security and wicket-auth-roles? We currently use Wicket 7.9.0 and Spring Boot 2.x …

We’d like to authenticate users via a login form (SignInPanel) and also use a „remember me“ cookie based authentication.

Anyone?


Cheers,
Tom




---------------------------------------------------------------------
To unsubscribe, e-mail: users-***@wicket.apache.org
For additional commands, e-mail: users-***@wicket.apache.org
Martin Grigorov
2018-04-19 05:39:39 UTC
Permalink
Hi Tom,

I do not remember everything by heart but basically it is:
1. Provide impl of Spring Security's UserDetailsService and make it a @Bean
2. In your AuthenticatedWebSession#authenticate() impl use Spring
Security's Authentication to do the work. It was something like
SecurityContextHolder.getContext().getAuthentication().autheticate(new
UsernamePasswordAuthentication(username, password))

In Spring Security's config (HttpSecurity) you need to tell SS what is the
url to your login and logout pages, and that you want to enable
"rememberMe" functionality.
You can use both SS and/or Wicket to authenticate access to pages and
resources by their mount paths.
Post by Tom Götz
Hi!
Does anyone have a working example for an integration of Spring Security
and wicket-auth-roles? We currently use Wicket 7.9.0 and Spring Boot 2.x 

We’d like to authenticate users via a login form (SignInPanel) and also
use a „remember me“ cookie based authentication.
Anyone?
Cheers,
Tom
---------------------------------------------------------------------
David Beer
2018-04-27 18:04:28 UTC
Permalink
Hi Tom

Please have a look at this project I did
https://github.com/dmbeer/wicket-7-spring-security

From what I remember the process is pretty much as Martin says. If you look
through the archives I am sure you will find my explanation.

Thanks

David
Post by Martin Grigorov
Hi Tom,
2. In your AuthenticatedWebSession#authenticate() impl use Spring
Security's Authentication to do the work. It was something like
SecurityContextHolder.getContext().getAuthentication().autheticate(new
UsernamePasswordAuthentication(username, password))
In Spring Security's config (HttpSecurity) you need to tell SS what is the
url to your login and logout pages, and that you want to enable
"rememberMe" functionality.
You can use both SS and/or Wicket to authenticate access to pages and
resources by their mount paths.
Post by Tom Götz
Hi!
Does anyone have a working example for an integration of Spring Security
and wicket-auth-roles? We currently use Wicket 7.9.0 and Spring Boot 2.x


Post by Tom Götz
We’d like to authenticate users via a login form (SignInPanel) and also
use a „remember me“ cookie based authentication.
Anyone?
Cheers,
Tom
---------------------------------------------------------------------
Loading...