Wicket Role based authorization and authentication with Hello World Example explained step by step below.

Prerequisite: Eclipse & JDK setup

If you don’t have Eclipse and JDK installed, follow this URL –

https://digitalappconsultancy.com/site/learning-java-hello-world-example/

Software used are listed below;

Eclipse 4.6.x
JDK 1.8.x
Apache Wicket 7.7.x
Apache Tomcat 8.5
Maven & Wicket (optional) Eclipse Plugin

Finally the project should look as below;

Step 1: Basic sofware setup;

If you already have them Jump to Step 2

1. Maven & Apache Wicket Plugin Install
2. Tomcat 8.5 server installation and setup

Refer – https://digitalappconsultancy.com/site/eclipse-tomcat-apache-wicket-maven-setup-with-hello-world-example/

Step 2: New Maven project

Create new Maven project -> Create Simple project (skip archetype selection) – Provide details as below;

Step 3: Update pom.xml & web.xml

Your web.xml should look as below;

<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" id="WebApp_ID" version="3.1">
  <display-name>MyWebApp</display-name>
  
   <filter>
        <filter-name>MyWebAppApplication</filter-name>
        <filter-class>org.apache.wicket.protocol.http.WicketFilter</filter-class>
        <init-param>
          <param-name>applicationClassName</param-name>
          <param-value>com.webapp.WicketApplication</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>MyWebAppApplication</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
</web-app>

 

Update Maven pom.xml to download tomcat plugin and Apache wicket framework and Junit framework.
Note: dependency artifact “wicket-auth-roles” added for authentication usage.

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <groupId>MyWebApp</groupId>
    <artifactId>MyWebApp</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <packaging>war</packaging>
    <build>
        <sourceDirectory>src/main/java</sourceDirectory>
        <testSourceDirectory>src/test/java</testSourceDirectory>
        <plugins>
            <plugin>
                <artifactId>maven-compiler-plugin</artifactId>
                <version>3.5.1</version>
                <configuration>
                    <source>1.8</source>
                    <target>1.8</target>
                </configuration>
            </plugin>
            <plugin>
                <artifactId>maven-war-plugin</artifactId>
                <version>3.0.0</version>
                <configuration>
                    <warSourceDirectory>WebContent</warSourceDirectory>
                </configuration>
            </plugin>

            <!-- Tomcat Maven plugin to deploy war file -->
            <plugin>
                <groupId>org.apache.tomcat.maven</groupId>
                <artifactId>tomcat7-maven-plugin</artifactId>
                <version>2.2</version>
                <configuration>
                    <url>http://localhost:8080/manager/text</url>
                    <server>TomcatServer</server>
                    <path>/MyWebApp</path>
                </configuration>
            </plugin>
        </plugins>
    </build>

    <dependencies>
        <!-- Apache Wicket Jars -->
        <dependency>
            <groupId>org.apache.wicket</groupId>
            <artifactId>wicket-core</artifactId>
            <version>7.7.0</version>
        </dependency>
        
        <!-- https://mvnrepository.com/artifact/org.apache.wicket/wicket-auth-roles -->
        <dependency>
            <groupId>org.apache.wicket</groupId>
            <artifactId>wicket-auth-roles</artifactId>
            <version>7.7.0</version>
        </dependency>
                
        <!-- https://mvnrepository.com/artifact/junit/junit -->
        <dependency>
            <groupId>junit</groupId>
            <artifactId>junit</artifactId>
            <version>4.12</version>
            <scope>test</scope>
        </dependency>
        
        <!-- Apache Wicket Testing need this jar -->
        <dependency>
            <groupId>javax.servlet</groupId>
            <artifactId>javax.servlet-api</artifactId>
            <version>3.0.1</version>
            <scope>provided</scope>
        </dependency>
    </dependencies>
</project>

 

Step 5: Create Wicket Components as below

  1. WicketApplication.java which extends AuthenticatedWebApplication (which is Wicket framework authentication built in class)
  2. BasicAuthenticationSession.java which extends AuthenticatedWebSession (which is Wicket framework authentication built in class)

Complete WicketApplication.java class source code provided below;

package com.webapp;

import org.apache.wicket.authroles.authentication.AbstractAuthenticatedWebSession;
import org.apache.wicket.authroles.authentication.AuthenticatedWebApplication;
import org.apache.wicket.markup.html.WebPage;
import com.webapp.page.HomePage;
import com.webapp.page.LoginPage;

public class WicketApplication extends AuthenticatedWebApplication
{
    @Override
    public Class<? extends WebPage> getHomePage()
    {
            return HomePage.class;
    }

    @Override
    public void init()
    {
        super.init();
        // add your configuration here 
    }

    @Override
    protected Class<? extends WebPage> getSignInPageClass() {
        return LoginPage.class;
    }

    @Override
    protected Class<? extends AbstractAuthenticatedWebSession> getWebSessionClass() {
        return BasicAuthenticationSession.class;
    }
}

Complete BasicAuthenticationSession.java class source code provided below;

package com.webapp;

import org.apache.wicket.authroles.authentication.AuthenticatedWebSession;
import org.apache.wicket.authroles.authorization.strategies.role.Roles;
import org.apache.wicket.request.Request;

public class BasicAuthenticationSession extends AuthenticatedWebSession {

    private static final long serialVersionUID = 3715747949619382260L;
    
    private String username;
    
    public BasicAuthenticationSession(Request request) {
        super(request);
    }
    
    @Override
    public boolean authenticate(String username, String password) {
          //user is authenticated if both username and password are equal to 'test'
          this.username = username;
          
          if(username.equals(password) && username.equals("test"))
              return true;
          else if(username.equals(password) && username.equals("admin"))
              return true;
          
          return false;
    }
    
    @Override
    public Roles getRoles() {
        Roles resultRoles = new Roles();
    
        //if user is signed in add the relative role
        if(isSignedIn()){
            resultRoles.add("SIGNEDIN");
        }
     
        //if username is equal to 'superuser' add the ADMIN role
        if(username!= null && username.equals("admin")){
            resultRoles.add(Roles.ADMIN);
        }
    
        return resultRoles;
    }
    
    @Override
    public void signOut() {
        super.signOut();
        username = null;
    }
}

Complete LoginPage.java class source code provided below;

package com.webapp.page;

import org.apache.wicket.authroles.authentication.AuthenticatedWebSession;
import org.apache.wicket.markup.html.WebPage;
import org.apache.wicket.markup.html.form.PasswordTextField;
import org.apache.wicket.markup.html.form.StatelessForm;
import org.apache.wicket.markup.html.form.TextField;
import org.apache.wicket.model.CompoundPropertyModel;
import org.apache.wicket.util.string.Strings;


public class LoginPage extends WebPage{

    private static final long serialVersionUID = 5946349607750478191L;	

    private String username;
    private String password;

    @Override
    protected void onInitialize() {
        super.onInitialize();

        StatelessForm form = new StatelessForm("loginForm") {
            @Override
            protected void onSubmit() {
                if (Strings.isEmpty(username))
                    return;

                boolean authResult = AuthenticatedWebSession.get().signIn(username, password);
                // if authentication succeeds redirect user to the requested page
                if (authResult){
                    setResponsePage(HomePage.class);
                }else{
                    return;
                }
            }
        };

        form.setDefaultModel(new CompoundPropertyModel(this));

        form.add(new TextField("username"));
        form.add(new PasswordTextField("password"));

        add(form);
    }
}

Complete LoginPage.html class source code provided below;

<?xml version="1.0" encoding="UTF-8"?>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:wicket="http://wicket.apache.org">
<head>
    <title>Wicket Login Form Model</title>
    <link rel="stylesheet" type="text/css" href="style.css"/>
</head>
<body>
   <form id="loginForm" method="post" wicket:id="loginForm">
        <fieldset>
             <span>UserName: </span><input type="text" wicket:id="username" />
            <BR>
             <span>Password: </span><input type="password" wicket:id="password" /> 
            <BR>
            <p>
                <input type="submit" name="Login" value="Login"/>
            </p>
        </fieldset>	
  </form>		
</body>
</html>

Complete HomePage.java class source code provided below;

package com.webapp.page;

import org.apache.wicket.authroles.authentication.AuthenticatedWebSession;
import org.apache.wicket.authroles.authorization.strategies.role.annotations.AuthorizeInstantiation;
import org.apache.wicket.markup.html.WebPage;
import org.apache.wicket.markup.html.basic.Label;
import org.apache.wicket.markup.html.link.Link;

@AuthorizeInstantiation("SIGNEDIN")
public class HomePage extends WebPage {

    private static final long serialVersionUID = -7465108755276912649L;

    public HomePage() {
        add(new Label("message", "Hello World! - HomePage"));
    }

    @Override
    protected void onInitialize() {
        super.onInitialize();
        add(new Link("adminOnlyPage") {

            @Override
            public void onClick() {
                setResponsePage(AdminPage.class);
            }
        });

        add(new Link("logOut") {

            @Override
            public void onClick() {
                AuthenticatedWebSession.get().invalidate();
                setResponsePage(getApplication().getHomePage());
            }
        });
    }
}

Complete HomePage.html class source code provided below;

<?xml version="1.0" encoding="UTF-8"?>
<html xmlns="http://www.w3.org/1999/xhtml"
    xmlns:wicket="http://wicket.apache.org">
<head>
<title>Wicket Examples - helloworld</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
    <table>
        <tr>
            <td><span wicket:id="message" id="message">Message goes
                    here</span></td>
        </tr>
        <tr>
            <td><span wicket:id="adminOnlyPage" id="adminOnlyPage">AdminPage</span>
            </td>
        </tr>
        <tr>
            <td><span wicket:id="logOut" id="logOut">LogOut</span></td>
        </tr>
    </table>
</body>
</html>

Complete AdminPage.java class source code provided below;

package com.webapp.page;

import org.apache.wicket.authroles.authorization.strategies.role.annotations.AuthorizeInstantiation;
import org.apache.wicket.markup.html.WebPage;
import org.apache.wicket.markup.html.basic.Label;

@AuthorizeInstantiation("ADMIN")
public class AdminPage extends WebPage {
    
    private static final long serialVersionUID = -2567481321704360392L;

    public AdminPage() {
        add(new Label("message", "Hello World! - AdminPage"));
    }

}

Complete AdminPage.html class source code provided below;

<?xml version="1.0" encoding="UTF-8"?>
<html xmlns="http://www.w3.org/1999/xhtml"
    xmlns:wicket="http://wicket.apache.org">
<head>
<title>Wicket Examples - helloworld</title>
<link rel="stylesheet" type="text/css" href="style.css" />
</head>
<body>
    <table>
        <tr>
            <td><span wicket:id="message" id="message">Message goes
                    here</span></td>
        </tr>
    </table>
</body>
</html>

 

Step 6: Unit testing with JUnit Framework
Important feature comes with Apache Wicket framework is ability to unit test Markup (html view) via JUnits.

Create TestLognPage.java,TestHomePage.java and TestAdminPage.java under src/test/java package as below;

 

/**
 * 
 */
package com.test.page;

import org.apache.wicket.util.tester.FormTester;
import org.apache.wicket.util.tester.WicketTester;
import org.junit.Before;
import org.junit.Test;

import com.webapp.WicketApplication;
import com.webapp.page.HomePage;
import com.webapp.page.LoginPage;

public class TestLoginPage {
    private WicketTester tester;

    @Before
    public void setUp() {
        tester = new WicketTester(new WicketApplication());
    }

    @Test
    public void loginpageRendersSuccessfully() {
        // start and render the test page
        tester.startPage(LoginPage.class);
        // assert rendered page class
        tester.assertRenderedPage(LoginPage.class);
    }
    
    @Test
    public void submitLogin(){
        // start and render the test page
        tester.startPage(LoginPage.class);
        // assert rendered page class
        tester.assertRenderedPage(LoginPage.class);
        
        FormTester formTester = tester.newFormTester("loginForm");
        
        //set credentials
        formTester.setValue("username", "test");
        formTester.setValue("password", "test");		
        //submit form
        formTester.submit();
    
        tester.assertRenderedPage(HomePage.class);
    }
}

 

/**
 * 
 */
package com.test.page;

import org.apache.wicket.util.tester.FormTester;
import org.apache.wicket.util.tester.WicketTester;
import org.junit.Before;
import org.junit.Test;

import com.webapp.WicketApplication;
import com.webapp.page.HomePage;
import com.webapp.page.LoginPage;


public class TestHomePage {
    private WicketTester tester;
    
    /**
     * @throws java.lang.Exception
     */
    @Before
    public void setUp() {
        tester = new WicketTester(new WicketApplication());
    }
    
    @Test
    public void homePageRendersSuccessfully() {
        
        // start and render the test page
        tester.startPage(LoginPage.class);
        // assert rendered page class
        tester.assertRenderedPage(LoginPage.class);
        
        FormTester formTester = tester.newFormTester("loginForm");
        
        //set credentials
        formTester.setValue("username", "test");
        formTester.setValue("password", "test");		
        //submit form
        formTester.submit();
        
        // start and render the test page
        tester.startPage(HomePage.class);
        // assert rendered page class
        tester.assertRenderedPage(HomePage.class);
    }

}

 

/**
 * 
 */
package com.test.page;

import org.apache.wicket.util.tester.FormTester;
import org.apache.wicket.util.tester.WicketTester;
import org.junit.Before;
import org.junit.Test;

import com.webapp.WicketApplication;
import com.webapp.page.AdminPage;
import com.webapp.page.LoginPage;


public class TestAdminPage {
    private WicketTester tester;
    
    /**
     * @throws java.lang.Exception
     */
    @Before
    public void setUp() {
        tester = new WicketTester(new WicketApplication());
    }
    
    @Test
    public void adminPageRendersSuccessfully() {
        // start and render the test page
        tester.startPage(LoginPage.class);
        // assert rendered page class
        tester.assertRenderedPage(LoginPage.class);
        
        FormTester formTester = tester.newFormTester("loginForm");
        
        //set credentials
        formTester.setValue("username", "admin");
        formTester.setValue("password", "admin");		
        //submit form
        formTester.submit();
        
        // start and render the test page
        tester.startPage(AdminPage.class);
        // assert rendered page class
        tester.assertRenderedPage(AdminPage.class);
    }

}

 

Finally the project should look as below;

Right click on pom.xml and Run As – Maven with specific goal “tomcat7:deploy” for first time and to redeploy “tomcat7:redeploy”

If Deployment is successful, you should be able to view the Hello World page as below;

Access url – http://localhost:8080/MyWebApp

 

Once you login with userName/password as test/test. You should see below page;

 

Now if you try to access Admin page, you should get Access Denied default page. This is because test user don’t have Admin role to access the AdminPage

Note: Apache wicket allows customizing the Access Denied page.

 

If you logout and login back with admin/admin РuserName/password Рthen you should be able to access the Admin page  as below.

For further reading refer Apache Wicket Web Development Category posts.

Apache Wicket Role based authorization and authentication example
Tagged on:     

Leave a Reply

Your email address will not be published. Required fields are marked *