Let's say I have a page called: /order-details/${orderId}.
Let's also say I want to ensure that some customer named Bob can only see
the order-details pages for the orders he placed, but not any of the
order-details pages for orders that John placed.
I already know wicket has role-based security. Does wicket also have some
form of parameter-based security? Am I barking up the wrong tree? Should
this security check be inside a hibernate on-load event listener instead?
Thanks,
Tom
Let's also say I want to ensure that some customer named Bob can only see
the order-details pages for the orders he placed, but not any of the
order-details pages for orders that John placed.
I already know wicket has role-based security. Does wicket also have some
form of parameter-based security? Am I barking up the wrong tree? Should
this security check be inside a hibernate on-load event listener instead?
Thanks,
Tom