Simple (Authenticator & Authorizor)
The simple in-memory implementation, allows both authentication and authorization to be evaluated against a user provided SimpleRealm
object.
Maven pom.xml
Dependency Management
If your application inherits from the Apache Causeway starter app (org.apache.causeway.app:causeway-app-starter-parent
) then that will define the version automatically:
<parent>
<groupId>org.apache.causeway.app</groupId>
<artifactId>causeway-app-starter-parent</artifactId>
<version>3.2.0</version>
<relativePath/>
</parent>
Alternatively, import the core BOM. This is usually done in the top-level parent pom of your application:
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.apache.causeway.core</groupId>
<artifactId>causeway-core</artifactId>
<version>3.2.0</version>
<scope>import</scope>
<type>pom</type>
</dependency>
</dependencies>
</dependencyManagement>
Dependency
In the webapp module of your application, add the following dependency:
<dependencies>
<dependency>
<groupId>org.apache.causeway.mavendeps</groupId>
<artifactId>causeway-mavendeps-webapp</artifactId>
<type>pom</type>
</dependency>
</dependencies>
Note that this transitively includes the Wicket viewer module (org.apache.causeway.viewer:causeway-viewer-wicket-viewer
in your app).
Update AppManifest
In your application’s AppManifest
(top-level Spring @Configuration
used to bootstrap the app), import the
@Configuration
@Import({
...
CausewayModuleSecuritySimple.class,
...
})
public class AppManifest {
@Bean
public SimpleRealm simpleRealm() {
return new SimpleRealm()
//roles
.addRole("admin_role", id->Grant.CHANGE)
.addRole("order_role", id->
id.getFullIdentityString().contains("Order")
? Grant.CHANGE
: Grant.NONE)
.addRole("customer_role", id->
id.getFullIdentityString().contains("Customer")
? Grant.CHANGE
: Grant.NONE)
.addRole("reader_role", id->
id.getFullIdentityString().contains("TopSecret")
? Grant.NONE
: Grant.READ)
//users
.addUser("sven", pwdhash, List.of("admin_role"))
.addUser("dick", pwdhash, List.of("reader_role", "order_role"))
.addUser("bob", pwdhash, List.of("reader_role", "customer_role"))
.addUser("joe", pwdhash, List.of("reader_role"));
}
}
Make sure that no other CausewayModuleSecurityXxx
module is imported.