directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From smckin...@apache.org
Subject [2/2] directory-fortress-commander git commit: FC-79 - add common utils to web component
Date Wed, 11 Mar 2015 06:06:50 GMT
FC-79 - add common utils to web component


Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/commit/8fb94a07
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/tree/8fb94a07
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/diff/8fb94a07

Branch: refs/heads/master
Commit: 8fb94a07fe5f8eaf2f38d7fa86932eb4eac6a058
Parents: c5edeae
Author: Shawn McKinney <smckinney@apache.org>
Authored: Wed Mar 11 01:06:34 2015 -0500
Committer: Shawn McKinney <smckinney@apache.org>
Committed: Wed Mar 11 01:06:34 2015 -0500

----------------------------------------------------------------------
 pom.xml                                         |  11 +-
 .../fortress/web/ApplicationContext.java        |   2 +-
 .../directory/fortress/web/AuditUtils.java      | 201 +++++++++++
 .../fortress/web/FortressWebBasePage.java       |  33 +-
 .../directory/fortress/web/GlobalUtils.java     | 346 -------------------
 .../directory/fortress/web/RbacSession.java     |  79 -----
 .../directory/fortress/web/RoleAdminPage.java   |  24 +-
 .../apache/directory/fortress/web/SecUtils.java | 225 ++++++++++++
 .../web/SecureBookmarkablePageLink.java         |   2 +-
 .../web/SecureIndicatingAjaxButton.java         | 110 +++++-
 .../fortress/web/SecureIndicatingAjaxLink.java  |   2 +-
 .../directory/fortress/web/WicketSession.java   |  80 +++++
 .../web/panel/AuditAuthzDetailPanel.java        |  11 +-
 .../fortress/web/panel/AuditAuthzListPanel.java |  11 +-
 .../web/panel/AuditBindDetailPanel.java         |   9 +-
 .../fortress/web/panel/AuditBindListPanel.java  |   9 +-
 .../fortress/web/panel/AuditModDetailPanel.java |   9 +-
 .../fortress/web/panel/AuditModListPanel.java   |   6 +-
 .../fortress/web/panel/GroupDetailPanel.java    |  37 +-
 .../fortress/web/panel/GroupListPanel.java      |   8 +-
 .../directory/fortress/web/panel/NavPanel.java  |   2 +-
 .../fortress/web/panel/OUDetailPanel.java       |   4 +-
 .../fortress/web/panel/OUListPanel.java         |   8 +-
 .../fortress/web/panel/OUSearchModalPanel.java  |   4 +-
 .../fortress/web/panel/ObjectDetailPanel.java   |   4 +-
 .../fortress/web/panel/ObjectListPanel.java     |   8 +-
 .../web/panel/ObjectSearchModalPanel.java       |   4 +-
 .../fortress/web/panel/PermDetailPanel.java     |   4 +-
 .../fortress/web/panel/PermListPanel.java       |  10 +-
 .../web/panel/PermSearchModalPanel.java         |   4 +-
 .../fortress/web/panel/PwPolicyDetailPanel.java |   4 +-
 .../fortress/web/panel/PwPolicyListPanel.java   |   8 +-
 .../web/panel/PwPolicySearchModalPanel.java     |   2 +-
 .../fortress/web/panel/RoleDetailPanel.java     |   8 +-
 .../fortress/web/panel/RoleListPanel.java       |   8 +-
 .../web/panel/RoleSearchModalPanel.java         |   5 +-
 .../fortress/web/panel/SDDetailPanel.java       |   4 +-
 .../fortress/web/panel/SDListPanel.java         |   8 +-
 .../fortress/web/panel/UserDetailPanel.java     |   6 +-
 .../fortress/web/panel/UserListPanel.java       |  10 +-
 .../web/panel/UserSearchModalPanel.java         |   5 +-
 src/main/resources/applicationContext.xml       |   5 +
 src/main/resources/fortress.properties.example  |   4 +-
 43 files changed, 784 insertions(+), 560 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index 7a441c1..a065047 100755
--- a/pom.xml
+++ b/pom.xml
@@ -356,6 +356,7 @@
       </resource>
     </resources>
     <plugins>
+<!--
         <plugin>
           <groupId>org.apache.rat</groupId>
           <artifactId>apache-rat-plugin</artifactId>
@@ -363,7 +364,7 @@
           <configuration>
             <excludeSubProjects>false</excludeSubProjects>
             <excludes>
-              <!-- project excludes -->
+              &lt;!&ndash; project excludes &ndash;&gt;
               <exclude>**/jquery-ui.css</exclude>
               <exclude>**/kendo.common.min.css</exclude>
               <exclude>**/kendo.default.min.css</exclude>
@@ -386,8 +387,10 @@
             </execution>
           </executions>
         </plugin>
+-->
 
       <!-- Assemble a commander distro archive -->
+<!--
       <plugin>
         <artifactId>maven-assembly-plugin</artifactId>
         <executions>
@@ -407,7 +410,8 @@
           </execution>
         </executions>
       </plugin>
-      
+-->
+
       <!-- Deploy the finished war -->
       <plugin>
         <groupId>org.codehaus.mojo</groupId>
@@ -453,9 +457,10 @@
               <!-- this is relative to the pom.xml directory -->
               <directory>${project.basedir}/src/main/resources
               </directory>
-
             </resource>
           </webResources>
+          <!--<archiveClasses>true</archiveClasses>-->
+          <attachClasses>true</attachClasses>
         </configuration>
       </plugin>
       

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/ApplicationContext.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/ApplicationContext.java b/src/main/java/org/apache/directory/fortress/web/ApplicationContext.java
index 23299db..44dce06 100644
--- a/src/main/java/org/apache/directory/fortress/web/ApplicationContext.java
+++ b/src/main/java/org/apache/directory/fortress/web/ApplicationContext.java
@@ -41,7 +41,7 @@ public class ApplicationContext extends WebApplication
     @Override
     public Session newSession( Request request, Response response )
     {
-        return new RbacSession( request );
+        return new WicketSession( request );
     }
 
     @Override

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/AuditUtils.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/AuditUtils.java b/src/main/java/org/apache/directory/fortress/web/AuditUtils.java
new file mode 100644
index 0000000..7ee40f1
--- /dev/null
+++ b/src/main/java/org/apache/directory/fortress/web/AuditUtils.java
@@ -0,0 +1,201 @@
+package org.apache.directory.fortress.web;
+
+import org.apache.directory.fortress.core.ReviewMgr;
+import org.apache.directory.fortress.core.rbac.AuthZ;
+import org.apache.directory.fortress.core.rbac.Permission;
+import org.apache.directory.fortress.core.rbac.User;
+import org.apache.directory.fortress.core.util.attr.VUtil;
+import org.apache.log4j.Logger;
+
+import java.util.List;
+import java.util.StringTokenizer;
+
+/**
+ * Created by smckinn on 3/10/15.
+ */
+public class AuditUtils
+{
+    private static final Logger LOG = Logger.getLogger( AuditUtils.class.getName() );
+    /**
+     *
+     * @param raw
+     * @return
+     */
+    public static Permission getAuthZPerm( String raw )
+    {
+        //// ftOpNm=addUser,ftObjNm=org.apache.directory.fortress.core.rbac.AdminMgrImpl,ou=AdminPerms,ou=ARBAC,dc=jts,dc=us
+        // ftObjId=006+ftOpNm=TOP1_6,ftObjNm=TOB1_4,ou=Permissions,ou=RBAC,dc=jts,dc=us
+
+        // TODO: use fortress GlobalIds instead:
+        final String OBJ_ID = "ftObjId";
+        final String OBJ_NM = "ftObjNm";
+        final String OP_NM = "ftOpNm";
+        Permission perm = new Permission();
+        int bindx = raw.indexOf( OBJ_ID );
+        if ( bindx != -1 )
+        {
+            int eindx = raw.indexOf( "+" );
+            if ( eindx != -1 )
+            {
+                perm.setObjId( raw.substring( bindx + OBJ_ID.length() + 1, eindx ) );
+            }
+        }
+        bindx = raw.indexOf( OBJ_NM );
+        if ( bindx != -1 )
+        {
+            int eindx = raw.substring( bindx ).indexOf( "," );
+            if ( eindx != -1 )
+            {
+                eindx += bindx;
+                perm.setObjName( raw.substring( bindx + OBJ_NM.length() + 1, eindx ) );
+            }
+        }
+        bindx = raw.indexOf( OP_NM );
+        if ( bindx != -1 )
+        {
+            int eindx = raw.substring( bindx ).indexOf( "," );
+            if ( eindx != -1 )
+            {
+                eindx += bindx;
+                perm.setOpName( raw.substring( bindx + OP_NM.length() + 1, eindx ) );
+            }
+        }
+        return perm;
+    }
+
+    /**
+     *
+     * @param authZ
+     */
+    public static void mapAuthZPerm( AuthZ authZ )
+    {
+        //// ftOpNm=addUser,ftObjNm=org.apache.directory.fortress.core.rbac.AdminMgrImpl,ou=AdminPerms,ou=ARBAC,dc=jts,dc=us
+        // ftObjId=006+ftOpNm=TOP1_6,ftObjNm=TOB1_4,ou=Permissions,ou=RBAC,dc=jts,dc=us
+        String raw = authZ.getReqDN();
+
+        // TODO: use fortress GlobalIds instead:
+        final String OBJ_ID = "ftObjId";
+        final String OBJ_NM = "ftObjNm";
+        final String OP_NM = "ftOpNm";
+
+        // TODO: fix this mapping:
+        //reqDerefAliases
+        //reqAttr
+        //reqAttrsOnly
+
+        //Permission perm = new Permission();
+        int bindx = raw.indexOf( OBJ_ID );
+        if ( bindx != -1 )
+        {
+            int eindx = raw.indexOf( "+" );
+            if ( eindx != -1 )
+            {
+                authZ.setReqDerefAliases( raw.substring( bindx + OBJ_ID.length() + 1, eindx ) );
+            }
+        }
+        bindx = raw.indexOf( OBJ_NM );
+        if ( bindx != -1 )
+        {
+            int eindx = raw.substring( bindx ).indexOf( "," );
+            if ( eindx != -1 )
+            {
+                eindx += bindx;
+                authZ.setReqAttr( raw.substring( bindx + OBJ_NM.length() + 1, eindx ) );
+            }
+        }
+        bindx = raw.indexOf( OP_NM );
+        if ( bindx != -1 )
+        {
+            int eindx = raw.substring( bindx ).indexOf( "," );
+            if ( eindx != -1 )
+            {
+                eindx += bindx;
+                authZ.setReqAttrsOnly( raw.substring( bindx + OP_NM.length() + 1, eindx ) );
+            }
+        }
+    }
+
+    /**
+     *
+     * @param inputString
+     * @return
+     */
+    public static String getAuthZId( String inputString )
+    {
+        //reqAuthzID: uid=fttu3user4,ou=people,dc=jts,dc=com
+        String userId = null;
+        if ( inputString != null && inputString.length() > 0 )
+        {
+            StringTokenizer maxTkn = new StringTokenizer( inputString, "," );
+            if ( maxTkn.countTokens() > 0 )
+            {
+                String val = maxTkn.nextToken();
+                int indx = val.indexOf( '=' );
+                if ( indx >= 1 )
+                {
+                    userId = val.substring( indx + 1 );
+                }
+            }
+        }
+        return userId;
+    }
+
+    /**
+     *
+     * @param reviewMgr
+     * @param userId
+     * @return
+     */
+    public static User getUser( ReviewMgr reviewMgr, String userId )
+    {
+        User user = null;
+        try
+        {
+            user = reviewMgr.readUser( new User( userId ) );
+        }
+        catch ( org.apache.directory.fortress.core.SecurityException se )
+        {
+            String error = "SecurityException=" + se;
+            LOG.warn( error );
+
+        }
+        return user;
+    }
+
+    /**
+     *
+     * @param reviewMgr
+     * @param internalId
+     * @return
+     */
+    public static User getUserByInternalId( ReviewMgr reviewMgr, String internalId )
+    {
+        User user = null;
+        try
+        {
+            User inUser = new User();
+            inUser.setInternalId( internalId );
+            List<User> users = reviewMgr.findUsers( inUser );
+            if ( VUtil.isNotNullOrEmpty( users ) )
+            {
+                if ( users.size() > 1 )
+                {
+                    String error = "Found: " + users.size() + " users matching internalId: " + internalId;
+                    LOG.warn( error );
+                }
+                user = users.get( 0 );
+            }
+            else
+            {
+                String error = "Can't find user matching internalId: " + internalId;
+                LOG.warn( error );
+            }
+        }
+        catch ( org.apache.directory.fortress.core.SecurityException se )
+        {
+            String error = "SecurityException=" + se;
+            LOG.warn( error );
+        }
+        return user;
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/FortressWebBasePage.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/FortressWebBasePage.java b/src/main/java/org/apache/directory/fortress/web/FortressWebBasePage.java
index df4dd42..b78d185 100644
--- a/src/main/java/org/apache/directory/fortress/web/FortressWebBasePage.java
+++ b/src/main/java/org/apache/directory/fortress/web/FortressWebBasePage.java
@@ -20,6 +20,8 @@
 package org.apache.directory.fortress.web;
 
 
+import org.apache.directory.fortress.core.SecurityException;
+import org.apache.directory.fortress.realm.J2eePolicyMgr;
 import org.apache.log4j.Logger;
 import org.apache.wicket.markup.html.WebPage;
 import org.apache.wicket.markup.html.basic.Label;
@@ -47,6 +49,8 @@ public abstract class FortressWebBasePage extends WebPage
     private AccessMgr accessMgr;
     @SpringBean
     private DelAccessMgr delAccessMgr;
+    @SpringBean
+    private J2eePolicyMgr j2eePolicyMgr;
     private static final String CLS_NM = FortressWebBasePage.class.getName();
     private static final Logger LOG = Logger.getLogger( CLS_NM );
 
@@ -148,20 +152,31 @@ public abstract class FortressWebBasePage extends WebPage
         boolean isSecured = principal != null;
         if ( isSecured && !isLoggedIn() )
         {
+            // Here the principal was created by fortress realm and is a serialized instance of {@link Session}.
             String szPrincipal = principal.toString();
-            // Pull the RBAC session from the realm and assert into the Web app's session:
-            Session realmSession = GlobalUtils.deserialize( szPrincipal, Session.class );
+            Session session = null;
+            try
+            {
+                // Deserialize the principal string into a fortress session:
+                session = j2eePolicyMgr.deserialize( szPrincipal );
+            }
+            catch(SecurityException se)
+            {
+                // Can't recover....
+                throw new RuntimeException( se );
+            }
 
-            // If this is null, app in container that cannot share rbac session with app, Must now create session manually:
-            if ( realmSession == null )
+            // If this is null, it means this app cannot share an rbac session with container and must now (re)create session here:
+            if ( session == null )
             {
-                realmSession = GlobalUtils.createRbacSession( accessMgr, principal.getName() );
+                session = SecUtils.createSession( accessMgr, principal.getName() );
             }
-            if ( realmSession != null )
+            // Now load the fortress session into the Wicket session and let wicket hold onto that for us.  Also retreive the arbac perms from server and cache those too.
+            if ( session != null )
             {
-                synchronized ( ( RbacSession ) RbacSession.get() )
+                synchronized ( ( WicketSession ) WicketSession.get() )
                 {
-                    GlobalUtils.loadPermissionsIntoSession( delAccessMgr, realmSession );
+                    SecUtils.loadPermissionsIntoSession( delAccessMgr, session );
                 }
             }
             // give up
@@ -176,7 +191,7 @@ public abstract class FortressWebBasePage extends WebPage
     private boolean isLoggedIn()
     {
         boolean isLoggedIn = false;
-        if ( GlobalUtils.getRbacSession( this ) != null )
+        if ( SecUtils.getSession( this ) != null )
         {
             isLoggedIn = true;
         }

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/GlobalUtils.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/GlobalUtils.java b/src/main/java/org/apache/directory/fortress/web/GlobalUtils.java
deleted file mode 100644
index 2797ef0..0000000
--- a/src/main/java/org/apache/directory/fortress/web/GlobalUtils.java
+++ /dev/null
@@ -1,346 +0,0 @@
-/*
- *   Licensed to the Apache Software Foundation (ASF) under one
- *   or more contributor license agreements.  See the NOTICE file
- *   distributed with this work for additional information
- *   regarding copyright ownership.  The ASF licenses this file
- *   to you under the Apache License, Version 2.0 (the
- *   "License"); you may not use this file except in compliance
- *   with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- *   Unless required by applicable law or agreed to in writing,
- *   software distributed under the License is distributed on an
- *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- *   KIND, either express or implied.  See the License for the
- *   specific language governing permissions and limitations
- *   under the License.
- *
- */
-package org.apache.directory.fortress.web;
-
-import org.apache.directory.api.ldap.model.exception.LdapInvalidDnException;
-import org.apache.directory.api.ldap.model.name.Rdn;
-import org.apache.directory.fortress.core.*;
-import org.apache.log4j.Logger;
-import org.apache.wicket.Component;
-import org.apache.wicket.request.mapper.parameter.PageParameters;
-import org.apache.wicket.util.string.StringValue;
-import org.apache.directory.api.ldap.model.name.Dn;
-import org.apache.directory.fortress.core.rbac.AuthZ;
-import org.apache.directory.fortress.core.rbac.Permission;
-import org.apache.directory.fortress.core.rbac.Session;
-import org.apache.directory.fortress.core.rbac.User;
-import org.apache.directory.fortress.core.util.attr.VUtil;
-
-import javax.servlet.http.HttpServletRequest;
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.util.List;
-import java.util.StringTokenizer;
-
-/**
- *
- * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- * @version $Rev$
- */
-public class GlobalUtils
-{
-    private static final Logger LOG = Logger.getLogger( GlobalUtils.class.getName() );
-
-    public static Session getRbacSession( Component component )
-    {
-        return ( ( RbacSession ) component.getSession() ).getRbacSession();
-    }
-
-    public static Session createRbacSession( AccessMgr accessMgr, String userId )
-    {
-        Session session;
-        try
-        {
-            // Create an RBAC session and attach to Wicket session:
-            session = accessMgr.createSession( new User( userId ), true );
-            String message = "RBAC Session successfully created for userId: " + session.getUserId();
-            LOG.debug( message );
-        }
-        catch ( org.apache.directory.fortress.core.SecurityException se )
-        {
-            String error = "createRbacSession caught SecurityException=" + se;
-            LOG.error( error );
-            throw new RuntimeException( error );
-        }
-        return session;
-    }
-
-    public static void loadPermissionsIntoSession( DelAccessMgr delAccessMgr, Session session)
-    {
-        try
-        {
-            // Retrieve user permissions and attach RBAC session to Wicket session:
-            ( ( RbacSession ) RbacSession.get() ).setSession( session );
-            List<Permission> permissions = delAccessMgr.sessionPermissions( session );
-            ( ( RbacSession ) RbacSession.get() ).setPermissions( permissions );
-            String message = "RBAC Session successfully created for userId: " + session.getUserId();
-            LOG.debug( message );
-        }
-        catch ( org.apache.directory.fortress.core.SecurityException se )
-        {
-            String error = "loadPermissionsIntoSession caught SecurityException=" + se;
-            LOG.error( error );
-            throw new RuntimeException( error );
-        }
-    }
-
-    public static List<Permission> getRbacPermissions( Component component )
-    {
-        return ( ( RbacSession ) component.getSession() ).getPermissions();
-    }
-
-    public static boolean isAuthorized( String roleName, HttpServletRequest servletReq )
-    {
-        boolean isAuthorized = false;
-        if ( servletReq.isUserInRole( roleName ) )
-        {
-            isAuthorized = true;
-        }
-        return isAuthorized;
-    }
-
-    public static boolean isFound( Permission permission, Component component )
-    {
-        List<Permission> permissions = GlobalUtils.getRbacPermissions( component );
-        return VUtil.isNotNullOrEmpty( permissions ) && permissions.contains( permission );
-    }
-
-    /**
-     * This utility method can deserialize any object but is used to convert java.security.Principal to Fortress RBAC session object.
-     *
-     * @param str contains String to deserialize
-     * @param cls contains class to use for destination object
-     * @return deserialization target object
-     */
-    public static <T> T deserialize(String str, Class<T> cls)
-    {
-        // deserialize the object
-        try
-        {
-            // This encoding induces a bijection between byte[] and String (unlike UTF-8)
-            byte b[] = str.getBytes("ISO-8859-1");
-            ByteArrayInputStream bi = new ByteArrayInputStream(b);
-            ObjectInputStream si = new ObjectInputStream(bi);
-            return cls.cast(si.readObject());
-        }
-        catch (java.io.UnsupportedEncodingException e)
-        {
-            LOG.warn( "deserialize caught UnsupportedEncodingException:" + e);
-        }
-        catch (IOException e)
-        {
-            LOG.warn( "deserialize caught IOException:" + e);
-        }
-        catch (ClassNotFoundException e)
-        {
-            LOG.warn( "deserialize caught ClassNotFoundException:" + e);
-        }
-        // this method failed so return null
-        return null;
-    }
-
-    public static String getPageType( PageParameters parameters )
-    {
-        String pageType = null;
-        if ( parameters != null )
-        {
-            List<StringValue> values = parameters.getValues( GlobalIds.PAGE_TYPE );
-            if ( values != null && values.size() > 0 )
-            {
-                pageType = values.get( 0 ).toString();
-            }
-        }
-        return pageType;
-    }
-
-    public static void mapAuthZPerm( AuthZ authZ )
-    {
-        //// ftOpNm=addUser,ftObjNm=org.apache.directory.fortress.core.rbac.AdminMgrImpl,ou=AdminPerms,ou=ARBAC,dc=jts,dc=us
-        // ftObjId=006+ftOpNm=TOP1_6,ftObjNm=TOB1_4,ou=Permissions,ou=RBAC,dc=jts,dc=us
-        String raw = authZ.getReqDN();
-
-        // TODO: use fortress GlobalIds instead:
-        final String OBJ_ID = "ftObjId";
-        final String OBJ_NM = "ftObjNm";
-        final String OP_NM = "ftOpNm";
-
-        // TODO: fix this mapping:
-        //reqDerefAliases
-        //reqAttr
-        //reqAttrsOnly
-
-        //Permission perm = new Permission();
-        int bindx = raw.indexOf( OBJ_ID );
-        if ( bindx != -1 )
-        {
-            int eindx = raw.indexOf( "+" );
-            if ( eindx != -1 )
-            {
-                authZ.setReqDerefAliases( raw.substring( bindx + OBJ_ID.length() + 1, eindx ) );
-            }
-        }
-        bindx = raw.indexOf( OBJ_NM );
-        if ( bindx != -1 )
-        {
-            int eindx = raw.substring( bindx ).indexOf( "," );
-            if ( eindx != -1 )
-            {
-                eindx += bindx;
-                authZ.setReqAttr( raw.substring( bindx + OBJ_NM.length() + 1, eindx ) );
-            }
-        }
-        bindx = raw.indexOf( OP_NM );
-        if ( bindx != -1 )
-        {
-            int eindx = raw.substring( bindx ).indexOf( "," );
-            if ( eindx != -1 )
-            {
-                eindx += bindx;
-                authZ.setReqAttrsOnly( raw.substring( bindx + OP_NM.length() + 1, eindx ) );
-            }
-        }
-    }
-
-    public static Permission getAuthZPerm( String raw )
-    {
-        //// ftOpNm=addUser,ftObjNm=org.apache.directory.fortress.core.rbac.AdminMgrImpl,ou=AdminPerms,ou=ARBAC,dc=jts,dc=us
-        // ftObjId=006+ftOpNm=TOP1_6,ftObjNm=TOB1_4,ou=Permissions,ou=RBAC,dc=jts,dc=us
-
-        // TODO: use fortress GlobalIds instead:
-        final String OBJ_ID = "ftObjId";
-        final String OBJ_NM = "ftObjNm";
-        final String OP_NM = "ftOpNm";
-        Permission perm = new Permission();
-        int bindx = raw.indexOf( OBJ_ID );
-        if ( bindx != -1 )
-        {
-            int eindx = raw.indexOf( "+" );
-            if ( eindx != -1 )
-            {
-                perm.setObjId( raw.substring( bindx + OBJ_ID.length() + 1, eindx ) );
-            }
-        }
-        bindx = raw.indexOf( OBJ_NM );
-        if ( bindx != -1 )
-        {
-            int eindx = raw.substring( bindx ).indexOf( "," );
-            if ( eindx != -1 )
-            {
-                eindx += bindx;
-                perm.setObjName( raw.substring( bindx + OBJ_NM.length() + 1, eindx ) );
-            }
-        }
-        bindx = raw.indexOf( OP_NM );
-        if ( bindx != -1 )
-        {
-            int eindx = raw.substring( bindx ).indexOf( "," );
-            if ( eindx != -1 )
-            {
-                eindx += bindx;
-                perm.setOpName( raw.substring( bindx + OP_NM.length() + 1, eindx ) );
-            }
-        }
-        return perm;
-    }
-
-    public static String getAuthZId( String inputString )
-    {
-        //reqAuthzID: uid=fttu3user4,ou=people,dc=jts,dc=com
-        String userId = null;
-        if ( inputString != null && inputString.length() > 0 )
-        {
-            StringTokenizer maxTkn = new StringTokenizer( inputString, "," );
-            if ( maxTkn.countTokens() > 0 )
-            {
-                String val = maxTkn.nextToken();
-                int indx = val.indexOf( '=' );
-                if ( indx >= 1 )
-                {
-                    userId = val.substring( indx + 1 );
-                }
-            }
-        }
-        return userId;
-    }
-
-    public static User getUser( ReviewMgr reviewMgr, String userId )
-    {
-        User user = null;
-        try
-        {
-            user = reviewMgr.readUser( new User( userId ) );
-        }
-        catch ( org.apache.directory.fortress.core.SecurityException se )
-        {
-            String error = "SecurityException=" + se;
-            LOG.warn( error );
-
-        }
-        return user;
-    }
-
-
-    public static User getUserByInternalId( ReviewMgr reviewMgr, String internalId )
-    {
-        User user = null;
-        try
-        {
-            User inUser = new User();
-            inUser.setInternalId( internalId );
-            List<User> users = reviewMgr.findUsers( inUser );
-            if ( VUtil.isNotNullOrEmpty( users ) )
-            {
-                if ( users.size() > 1 )
-                {
-                    String error = "Found: " + users.size() + " users matching internalId: " + internalId;
-                    LOG.warn( error );
-                }
-                user = users.get( 0 );
-            }
-            else
-            {
-                String error = "Can't find user matching internalId: " + internalId;
-                LOG.warn( error );
-            }
-        }
-        catch ( org.apache.directory.fortress.core.SecurityException se )
-        {
-            String error = "SecurityException=" + se;
-            LOG.warn( error );
-
-        }
-        return user;
-    }
-
-    /**
-     * Method will retrieve the relative distinguished name from a distinguished name variable.
-     *
-     * @param szDn contains ldap distinguished name.
-     * @return rDn as string.
-     */
-    public static String getRdn( String szDn )
-    {
-        String szRdn = null;
-        try
-        {
-            Dn dn = new Dn( szDn );
-            Rdn rDn = dn.getRdn();
-            szRdn = rDn.getName();
-        }
-        catch ( LdapInvalidDnException e )
-        {
-            String error = "GlobalUtils.getRdn dn: " + szDn + ", caught LdapInvalidDnException:" + e;
-            throw new RuntimeException( error );
-
-        }
-        return szRdn;
-    }
-}

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/RbacSession.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/RbacSession.java b/src/main/java/org/apache/directory/fortress/web/RbacSession.java
deleted file mode 100644
index ee7d4fe..0000000
--- a/src/main/java/org/apache/directory/fortress/web/RbacSession.java
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- *   Licensed to the Apache Software Foundation (ASF) under one
- *   or more contributor license agreements.  See the NOTICE file
- *   distributed with this work for additional information
- *   regarding copyright ownership.  The ASF licenses this file
- *   to you under the Apache License, Version 2.0 (the
- *   "License"); you may not use this file except in compliance
- *   with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- *   Unless required by applicable law or agreed to in writing,
- *   software distributed under the License is distributed on an
- *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- *   KIND, either express or implied.  See the License for the
- *   specific language governing permissions and limitations
- *   under the License.
- *
- */
-package org.apache.directory.fortress.web;
-
-
-import org.apache.wicket.protocol.http.WebSession;
-import org.apache.wicket.request.Request;
-import org.apache.directory.fortress.core.rbac.Permission;
-import org.apache.directory.fortress.core.rbac.Session;
-
-import java.util.List;
-
-
-/**
- * ...
- *
- * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
- * @version $Rev$
- */
-public class RbacSession extends WebSession
-{
-    /** Default serialVersionUID */
-    private static final long serialVersionUID = 1L;
-    private Session session;
-    private List<Permission> permissions;
-
-
-    /**
-     * Constructor. Note that {@link org.apache.wicket.request.cycle.RequestCycle} is not available until this
-     * constructor returns.
-     *
-     * @param request The current request
-     */
-    public RbacSession( Request request )
-    {
-        super( request );
-    }
-
-
-    public Session getRbacSession()
-    {
-        return session;
-    }
-
-
-    public void setSession( Session session )
-    {
-        this.session = session;
-    }
-
-
-    public List<Permission> getPermissions()
-    {
-        return permissions;
-    }
-
-
-    public void setPermissions( List<Permission> permissions )
-    {
-        this.permissions = permissions;
-    }
-}

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/RoleAdminPage.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/RoleAdminPage.java b/src/main/java/org/apache/directory/fortress/web/RoleAdminPage.java
index d0b7c51..594c39a 100644
--- a/src/main/java/org/apache/directory/fortress/web/RoleAdminPage.java
+++ b/src/main/java/org/apache/directory/fortress/web/RoleAdminPage.java
@@ -31,6 +31,9 @@ import org.apache.directory.fortress.web.panel.InfoPanel;
 import org.apache.directory.fortress.web.panel.NavPanel;
 import org.apache.directory.fortress.web.panel.RoleDetailPanel;
 import org.apache.directory.fortress.web.panel.RoleListPanel;
+import org.apache.wicket.util.string.StringValue;
+
+import java.util.List;
 
 
 /**
@@ -53,7 +56,7 @@ public class RoleAdminPage extends FortressWebBasePage
      */
     public RoleAdminPage( PageParameters parameters )
     {
-        String type = GlobalUtils.getPageType( parameters );
+        String type = getPageType( parameters );
         add( new Label( GlobalIds.PAGE_HEADER, label ) );
         WebMarkupContainer container = new WebMarkupContainer( GlobalIds.LAYOUT );
         FourWaySplitter splitter = new FourWaySplitter();
@@ -91,4 +94,23 @@ public class RoleAdminPage extends FortressWebBasePage
         container.add( navPanel );
         this.add( container );
     }
+
+    /**
+     *
+     * @param parameters
+     * @return
+     */
+    private String getPageType( PageParameters parameters )
+    {
+        String pageType = null;
+        if ( parameters != null )
+        {
+            List<StringValue> values = parameters.getValues( GlobalIds.PAGE_TYPE );
+            if ( values != null && values.size() > 0 )
+            {
+                pageType = values.get( 0 ).toString();
+            }
+        }
+        return pageType;
+    }
 }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/SecUtils.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/SecUtils.java b/src/main/java/org/apache/directory/fortress/web/SecUtils.java
new file mode 100644
index 0000000..cbe5617
--- /dev/null
+++ b/src/main/java/org/apache/directory/fortress/web/SecUtils.java
@@ -0,0 +1,225 @@
+/*
+ *   Licensed to the Apache Software Foundation (ASF) under one
+ *   or more contributor license agreements.  See the NOTICE file
+ *   distributed with this work for additional information
+ *   regarding copyright ownership.  The ASF licenses this file
+ *   to you under the Apache License, Version 2.0 (the
+ *   "License"); you may not use this file except in compliance
+ *   with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing,
+ *   software distributed under the License is distributed on an
+ *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *   KIND, either express or implied.  See the License for the
+ *   specific language governing permissions and limitations
+ *   under the License.
+ *
+ */
+package org.apache.directory.fortress.web;
+
+import org.apache.directory.fortress.core.*;
+import org.apache.directory.fortress.core.SecurityException;
+import org.apache.directory.fortress.core.cfg.Config;
+import org.apache.directory.fortress.realm.J2eePolicyMgr;
+import org.apache.log4j.Logger;
+import org.apache.wicket.Component;
+import org.apache.directory.fortress.core.rbac.Permission;
+import org.apache.directory.fortress.core.rbac.Session;
+import org.apache.directory.fortress.core.rbac.User;
+import org.apache.directory.fortress.core.util.attr.VUtil;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.List;
+
+/**
+ * Common static utils used by Wicket web apps to make security calls using Fortress apis.
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$
+ */
+public class SecUtils
+{
+    private static final Logger LOG = Logger.getLogger( SecUtils.class.getName() );
+    private static final String PERMS_CACHED = "perms.cached";
+    public static final boolean IS_PERM_CACHED = ( ( Config.getProperty( PERMS_CACHED ) != null ) && ( Config
+        .getProperty( PERMS_CACHED ).equalsIgnoreCase( "true" ) ) );
+
+    /**
+     * Return the fortress session that is cached within the wicket session object.
+     *
+     * @param component needed to get handle to wicket session.
+     * @return fortress session object.
+     */
+    public static Session getSession(Component component)
+    {
+        return ( ( WicketSession ) component.getSession() ).getSession();
+    }
+
+    /**
+     *  Used when web app needs to create a 'trusted' fortress session.
+     *
+     *  Does not check user's password.
+     *
+     * @param accessMgr fortress access mgr apis
+     * @param userId required for rbac session creation.
+     * @return rbac session.
+     */
+    public static Session createSession(AccessMgr accessMgr, String userId)
+    {
+        Session session;
+        try
+        {
+            // Create an RBAC session and attach to Wicket session:
+            session = accessMgr.createSession( new User( userId ), true );
+            String message = "RBAC Session successfully created for userId: " + session.getUserId();
+            LOG.debug( message );
+        }
+        catch ( org.apache.directory.fortress.core.SecurityException se )
+        {
+            String error = "createSession caught SecurityException=" + se;
+            LOG.error( error );
+            throw new RuntimeException( error );
+        }
+        return session;
+    }
+
+    /**
+     * Here the wicket session is loaded with the fortress session and permissions.
+     *
+     *
+     * @param delAccessMgr needed to pull back fortress arbac permissions.
+     * @param session needed for call into accessMgr.
+     */
+    public static void loadPermissionsIntoSession( DelAccessMgr delAccessMgr, Session session)
+    {
+        try
+        {
+            // Retrieve user permissions and attach fortress session to Wicket session:
+            ( ( WicketSession ) WicketSession.get() ).setSession( session );
+            List<Permission> permissions = delAccessMgr.sessionPermissions( session );
+            ( ( WicketSession ) WicketSession.get() ).setPermissions( permissions );
+            String message = "Session successfully created for userId: " + session.getUserId();
+            LOG.debug( message );
+        }
+        catch ( org.apache.directory.fortress.core.SecurityException se )
+        {
+            String error = "loadPermissionsIntoSession caught SecurityException=" + se;
+            LOG.error( error );
+            throw new RuntimeException( error );
+        }
+    }
+
+    /**
+     * Returns the fortress arbac perms that are cashed in the wicket session.
+     *
+     * @param component needed to get a handle on the wicket session object.
+     * @return collection of fortress admin perms.
+     */
+    public static List<Permission> getPermissions(Component component)
+    {
+        return ( ( WicketSession ) component.getSession() ).getPermissions();
+    }
+
+    /**
+     * Retrieve RBAC session permissions from Fortress and place in the Wicket session.
+     */
+    public static void getPermissions( Component component, AccessMgr accessMgr )
+    {
+        try
+        {
+            if ( IS_PERM_CACHED )
+            {
+                WicketSession session = ( WicketSession ) component.getSession();
+                List<Permission> permissions = accessMgr.sessionPermissions( session.getSession() );
+                ( ( WicketSession ) WicketSession.get() ).setPermissions( permissions );
+            }
+        }
+        catch ( org.apache.directory.fortress.core.SecurityException se )
+        {
+            String error = "getPermissions caught SecurityException=" + se;
+            LOG.error( error );
+            throw new RuntimeException( error );
+        }
+    }
+
+    /**
+     * Wrapper for the httpservlet isUserInRole api.
+     *
+     * @param roleName contains the name of role being checked.
+     * @param servletReq handle used to make inquiry.
+     * @return true if authorized, false otherwise.
+     */
+    public static boolean isAuthorized( String roleName, HttpServletRequest servletReq )
+    {
+        boolean isAuthorized = false;
+        if ( servletReq.isUserInRole( roleName ) )
+        {
+            isAuthorized = true;
+        }
+        return isAuthorized;
+    }
+
+    /**
+     * Is the supplied permission in the wicket session cache?  Called by buttons.
+     * if not found, button will be invisible.
+     *
+     * @param permission fortress perm requires {link @Permission#objName} and {link @Permission#opName} are set.
+     * @param component needed to get handle on the wicket session object.
+     * @return true if found, false otherwise
+     */
+    public static boolean isFound( Permission permission, Component component )
+    {
+        List<Permission> permissions = SecUtils.getPermissions( component );
+        return VUtil.isNotNullOrEmpty( permissions ) && permissions.contains( permission );
+    }
+
+    /**
+     * Wrapper to fortress checkAccess api.
+     * @param component contains the wicket session handle.
+     * @param accessMgr has the checkAccess api
+     * @param objName string value
+     * @param opName string value
+     * @param objId string value
+     * @return
+     * @throws org.apache.directory.fortress.core.SecurityException checked exception for system errors.
+     */
+    public static boolean checkAccess(Component component, AccessMgr accessMgr, String objName, String opName, String objId ) throws org.apache.directory.fortress.core.SecurityException
+    {
+        WicketSession session = ( WicketSession )component.getSession();
+        Permission permission = new Permission( objName, opName, objId );
+        return accessMgr.checkAccess( session.getSession(), permission );
+    }
+
+
+    /**
+     * Convert the principal into fortress session and load into wicket session along with perms.
+     *
+     */
+    public static void initializeSession(Component component, J2eePolicyMgr j2eePolicyMgr, AccessMgr accessMgr, String szPrincipal )
+    {
+        Session realmSession = null;
+        try
+        {
+            realmSession = j2eePolicyMgr.deserialize( szPrincipal );
+        }
+        catch( SecurityException se )
+        {
+            throw new RuntimeException( se );
+        }
+        if(realmSession != null)
+        {
+            synchronized ( ( WicketSession ) WicketSession.get() )
+            {
+                if ( SecUtils.getSession( component ) == null )
+                {
+                    LOG.info( "realmSession user: " + realmSession.getUserId() );
+                    // Retrieve user permissions and attach RBAC session to Wicket session:
+                    ( ( WicketSession ) WicketSession.get() ).setSession( realmSession );
+                    getPermissions( component, accessMgr );
+                }
+            }
+        }
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/SecureBookmarkablePageLink.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/SecureBookmarkablePageLink.java b/src/main/java/org/apache/directory/fortress/web/SecureBookmarkablePageLink.java
index f1fed07..2cadff9 100644
--- a/src/main/java/org/apache/directory/fortress/web/SecureBookmarkablePageLink.java
+++ b/src/main/java/org/apache/directory/fortress/web/SecureBookmarkablePageLink.java
@@ -63,6 +63,6 @@ public class SecureBookmarkablePageLink extends BookmarkablePageLink
     private boolean isAuthorized( String roleName )
     {
         HttpServletRequest servletReq = ( HttpServletRequest ) getRequest().getContainerRequest();
-        return GlobalUtils.isAuthorized( roleName, servletReq );
+        return SecUtils.isAuthorized( roleName, servletReq );
     }
 }

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/SecureIndicatingAjaxButton.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/SecureIndicatingAjaxButton.java b/src/main/java/org/apache/directory/fortress/web/SecureIndicatingAjaxButton.java
index c2e272f..5d96066 100644
--- a/src/main/java/org/apache/directory/fortress/web/SecureIndicatingAjaxButton.java
+++ b/src/main/java/org/apache/directory/fortress/web/SecureIndicatingAjaxButton.java
@@ -19,39 +19,127 @@
  */
 package org.apache.directory.fortress.web;
 
-
 import com.googlecode.wicket.jquery.ui.form.button.IndicatingAjaxButton;
+import org.apache.log4j.Logger;
+import org.apache.wicket.Component;
+import org.apache.wicket.spring.injection.annot.SpringBean;
+import org.apache.directory.fortress.core.*;
 import org.apache.directory.fortress.core.rbac.Permission;
 
 import javax.servlet.http.HttpServletRequest;
 
-
 /**
  * ...
  *
- * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @author Shawn McKinney
  * @version $Rev$
  */
-@Authorizable
 public class SecureIndicatingAjaxButton extends IndicatingAjaxButton
 {
-    /** Default serialVersionUID */
-    private static final long serialVersionUID = 1L;
+    Permission perm;
 
+    @SpringBean
+    private AccessMgr accessMgr;
 
-    public SecureIndicatingAjaxButton( String id, String objName, String opName )
+    private static final Logger LOG = Logger.getLogger( SecureIndicatingAjaxButton.class.getName() );
+
+    public SecureIndicatingAjaxButton( Component component, String id, String objectName, String opName )
     {
         super( id );
-        if ( !GlobalUtils.isFound( new Permission( objName, opName ), this ) )
-            setVisible( false );
+        this.perm = new Permission(objectName, opName);
+        if( SecUtils.IS_PERM_CACHED)
+        {
+            if(!SecUtils.isFound( perm, this ))
+                setVisible( false );
+        }
+        else
+        {
+            boolean isAuthorized = false;
+            try
+            {
+                WicketSession session = ( WicketSession )component.getSession();
+                isAuthorized = accessMgr.checkAccess( session.getSession(), perm );
+                LOG.info( "Fortress checkAccess objectName: " + objectName + " operationName: " + opName + " userId: " + session.getSession().getUserId() + " result: " + isAuthorized);
+            }
+            catch(org.apache.directory.fortress.core.SecurityException se)
+            {
+                String error = "Fortress SecurityException checkAccess objectName: " + objectName + " operationName: " + opName + " error=" + se;
+                LOG.error( error );
+            }
+            if(!isAuthorized)
+                setVisible( false );
+        }
     }
 
-
     public SecureIndicatingAjaxButton( String id, String roleName )
     {
         super( id );
         HttpServletRequest servletReq = ( HttpServletRequest ) getRequest().getContainerRequest();
-        if ( !GlobalUtils.isAuthorized( roleName, servletReq ) )
+        if( ! SecUtils.isAuthorized( roleName, servletReq ) )
+            setVisible( false );
+    }
+
+
+    public SecureIndicatingAjaxButton( String id, String objName, String opName )
+    {
+        super( id );
+        if ( !SecUtils.isFound( new Permission( objName, opName ), this ) )
             setVisible( false );
     }
+
+
+    protected boolean checkAccess( String objectName, String opName )
+    {
+        boolean isAuthorized = false;
+        try
+        {
+            WicketSession session = ( WicketSession )getSession();
+            Permission permission = new Permission( objectName, opName );
+            //Permission permission = new Permission( objectName, perm.getOpName() );
+            isAuthorized = accessMgr.checkAccess( session.getSession(), permission );
+            LOG.info( "Fortress checkAccess objectName: " + permission.getObjName() + " operationName: " + permission.getOpName() + " userId: " + session.getSession().getUserId() + " result: " + isAuthorized);
+        }
+        catch(org.apache.directory.fortress.core.SecurityException se)
+        {
+            String error = "Fortress SecurityException checkAccess objectName: " + this.perm.getObjName() + " operationName: " + this.perm.getOpName() + " error=" + se;
+            LOG.error( error );
+        }
+        return isAuthorized;
+    }
+
+    protected boolean checkAccess( )
+    {
+        boolean isAuthorized = false;
+        try
+        {
+            WicketSession session = ( WicketSession )getSession();
+            isAuthorized = accessMgr.checkAccess( session.getSession(), perm );
+            LOG.info( "Fortress checkAccess objName: " + this.perm.getObjName() + " opName: " + this.perm.getOpName() + " userId: " + session.getSession().getUserId() + " result: " + isAuthorized);
+        }
+        catch(org.apache.directory.fortress.core.SecurityException se)
+        {
+            String error = "Fortress SecurityException checkAccess objName: " + this.perm.getObjName() + " opName: " + this.perm.getOpName() + " error=" + se;
+            LOG.error( error );
+        }
+        return isAuthorized;
+    }
+
+
+    protected boolean checkAccess( String objectId )
+    {
+        boolean isAuthorized = false;
+        try
+        {
+            WicketSession session = ( WicketSession )getSession();
+            Permission finePerm = new Permission(perm.getObjName(), perm.getOpName(), objectId);
+            isAuthorized = accessMgr.checkAccess( session.getSession(), finePerm );
+            LOG.info( "Fortress checkAccess objName: " + this.perm.getObjName() + " opName: " + this.perm.getOpName() + ", objId: " + finePerm.getObjId() + ", userId: " + session.getSession().getUserId() + " result: " + isAuthorized);
+        }
+        catch(org.apache.directory.fortress.core.SecurityException se)
+        {
+            String error = "Fortress SecurityException checkAccess objectName: " + this.perm.getObjName() + " opName: " + this.perm.getOpName() + ", objId: " + objectId + ", error=" + se;
+            LOG.error( error );
+        }
+        return isAuthorized;
+    }
 }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/SecureIndicatingAjaxLink.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/SecureIndicatingAjaxLink.java b/src/main/java/org/apache/directory/fortress/web/SecureIndicatingAjaxLink.java
index 3d2866e..1b36060 100644
--- a/src/main/java/org/apache/directory/fortress/web/SecureIndicatingAjaxLink.java
+++ b/src/main/java/org/apache/directory/fortress/web/SecureIndicatingAjaxLink.java
@@ -40,7 +40,7 @@ public class SecureIndicatingAjaxLink extends IndicatingAjaxLink
     public SecureIndicatingAjaxLink( String id, String objName, String opName )
     {
         super( id );
-        if ( !GlobalUtils.isFound( new Permission( objName, opName ), this ) )
+        if ( !SecUtils.isFound( new Permission( objName, opName ), this ) )
             setEnabled( false );
     }
 

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/WicketSession.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/WicketSession.java b/src/main/java/org/apache/directory/fortress/web/WicketSession.java
new file mode 100644
index 0000000..9e8bb7a
--- /dev/null
+++ b/src/main/java/org/apache/directory/fortress/web/WicketSession.java
@@ -0,0 +1,80 @@
+/*
+ *   Licensed to the Apache Software Foundation (ASF) under one
+ *   or more contributor license agreements.  See the NOTICE file
+ *   distributed with this work for additional information
+ *   regarding copyright ownership.  The ASF licenses this file
+ *   to you under the Apache License, Version 2.0 (the
+ *   "License"); you may not use this file except in compliance
+ *   with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing,
+ *   software distributed under the License is distributed on an
+ *   "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *   KIND, either express or implied.  See the License for the
+ *   specific language governing permissions and limitations
+ *   under the License.
+ *
+ */
+package org.apache.directory.fortress.web;
+
+
+import org.apache.wicket.protocol.http.WebSession;
+import org.apache.wicket.request.Request;
+import org.apache.directory.fortress.core.rbac.Permission;
+import org.apache.directory.fortress.core.rbac.Session;
+
+import java.util.List;
+
+
+/**
+ * This object is managed by wicket framework.  It is used to cache a copy of a user's session and permissions.
+ *
+ *
+ * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a>
+ * @version $Rev$
+ */
+public class WicketSession extends WebSession
+{
+    /** Default serialVersionUID */
+    private static final long serialVersionUID = 1L;
+    private Session session;
+    private List<Permission> permissions;
+
+
+    /**
+     * Constructor. Note that {@link org.apache.wicket.request.cycle.RequestCycle} is not available until this
+     * constructor returns.
+     *
+     * @param request The current request
+     */
+    public WicketSession(Request request)
+    {
+        super( request );
+    }
+
+
+    public Session getSession()
+    {
+        return session;
+    }
+
+
+    public void setSession(Session session)
+    {
+        this.session = session;
+    }
+
+
+    public List<Permission> getPermissions()
+    {
+        return permissions;
+    }
+
+
+    public void setPermissions( List<Permission> permissions )
+    {
+        this.permissions = permissions;
+    }
+}

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/panel/AuditAuthzDetailPanel.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/panel/AuditAuthzDetailPanel.java b/src/main/java/org/apache/directory/fortress/web/panel/AuditAuthzDetailPanel.java
index 88710e6..9bd9174 100644
--- a/src/main/java/org/apache/directory/fortress/web/panel/AuditAuthzDetailPanel.java
+++ b/src/main/java/org/apache/directory/fortress/web/panel/AuditAuthzDetailPanel.java
@@ -21,7 +21,8 @@
 package org.apache.directory.fortress.web.panel;
 
 
-import org.apache.directory.fortress.web.GlobalUtils;
+import org.apache.directory.fortress.web.AuditUtils;
+import org.apache.directory.fortress.web.SecUtils;
 import org.apache.directory.fortress.web.SelectModelEvent;
 import org.apache.log4j.Logger;
 import org.apache.wicket.Component;
@@ -68,8 +69,8 @@ public class AuditAuthzDetailPanel extends FormComponentPanel
     public AuditAuthzDetailPanel( String id, Displayable display )
     {
         super( id );
-        this.auditMgr.setAdmin( GlobalUtils.getRbacSession( this ) );
-        this.reviewMgr.setAdmin( GlobalUtils.getRbacSession( this ) );
+        this.auditMgr.setAdmin( SecUtils.getSession( this ) );
+        this.reviewMgr.setAdmin( SecUtils.getSession( this ) );
         this.detailForm = new AuditAuthzDetailForm( GlobalIds.DETAIL_FIELDS, new CompoundPropertyModel<AuthZ>(
             new AuthZ() ) );
         this.display = display;
@@ -108,7 +109,7 @@ public class AuditAuthzDetailPanel extends FormComponentPanel
                 this.setModelObject( authZ );
                 String msg = "AuthZ: " + authZ.getReqAuthzID() + " has been selected";
                 LOG.debug( ".onEvent SelectModelEvent: " + authZ.getReqAuthzID() );
-                GlobalUtils.getAuthZPerm( authZ.getReqDN() );
+                AuditUtils.getAuthZPerm( authZ.getReqDN() );
                 display.setMessage( msg );
                 component = detailForm;
 
@@ -138,7 +139,7 @@ public class AuditAuthzDetailPanel extends FormComponentPanel
                 AuthZ authZ = ( AuthZ ) detailForm.getModelObject();
                 if ( VUtil.isNotNullOrEmpty( authZ.getReqAuthzID() ) )
                 {
-                    user = GlobalUtils.getUser( reviewMgr, authZ.getReqAuthzID() );
+                    user = AuditUtils.getUser( reviewMgr, authZ.getReqAuthzID() );
                 }
                 if ( user == null )
                 {

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/panel/AuditAuthzListPanel.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/panel/AuditAuthzListPanel.java b/src/main/java/org/apache/directory/fortress/web/panel/AuditAuthzListPanel.java
index 0750dbf..7291539 100644
--- a/src/main/java/org/apache/directory/fortress/web/panel/AuditAuthzListPanel.java
+++ b/src/main/java/org/apache/directory/fortress/web/panel/AuditAuthzListPanel.java
@@ -23,9 +23,9 @@ package org.apache.directory.fortress.web.panel;
 
 import com.googlecode.wicket.kendo.ui.form.datetime.DatePicker;
 import com.inmethod.grid.IGridColumn;
-import com.inmethod.grid.SizeUnit;
 import com.inmethod.grid.column.PropertyColumn;
 import com.inmethod.grid.treegrid.TreeGrid;
+import org.apache.directory.fortress.web.AuditUtils;
 import org.apache.log4j.Logger;
 import org.apache.wicket.Component;
 import org.apache.wicket.ajax.AjaxRequestTarget;
@@ -42,7 +42,7 @@ import org.apache.wicket.model.IModel;
 import org.apache.directory.fortress.web.AuditAuthzListModel;
 import org.apache.directory.fortress.web.AuditAuthzPage;
 import org.apache.directory.fortress.web.GlobalIds;
-import org.apache.directory.fortress.web.GlobalUtils;
+import org.apache.directory.fortress.web.SecUtils;
 import org.apache.directory.fortress.web.SecureIndicatingAjaxButton;
 import org.apache.directory.fortress.web.SecureIndicatingAjaxLink;
 import org.apache.directory.fortress.web.SelectModelEvent;
@@ -57,7 +57,6 @@ import org.apache.directory.fortress.core.util.attr.VUtil;
 
 import javax.swing.tree.DefaultMutableTreeNode;
 import javax.swing.tree.DefaultTreeModel;
-import javax.swing.tree.TreeNode;
 import java.text.ParseException;
 import java.text.SimpleDateFormat;
 import java.util.ArrayList;
@@ -97,7 +96,7 @@ public class AuditAuthzListPanel extends FormComponentPanel
 
     private void init( UserAudit userAudit )
     {
-        AuditAuthzListModel pageModel = new AuditAuthzListModel( userAudit, GlobalUtils.getRbacSession( this ) );
+        AuditAuthzListModel pageModel = new AuditAuthzListModel( userAudit, SecUtils.getSession( this ) );
         setDefaultModel( pageModel );
         createAndLoadGrid();
         this.listForm = new Form( "authzform" );
@@ -612,8 +611,8 @@ public class AuditAuthzListPanel extends FormComponentPanel
                             authZ.setReqResult( GlobalIds.SUCCESS );
                         }
             */
-            authZ.setReqAuthzID( GlobalUtils.getAuthZId( authZ.getReqAuthzID() ) );
-            GlobalUtils.mapAuthZPerm( authZ );
+            authZ.setReqAuthzID( AuditUtils.getAuthZId( authZ.getReqAuthzID() ) );
+            AuditUtils.mapAuthZPerm( authZ );
             rootNode.add( new DefaultMutableTreeNode( authZ ) );
         }
     }

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/panel/AuditBindDetailPanel.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/panel/AuditBindDetailPanel.java b/src/main/java/org/apache/directory/fortress/web/panel/AuditBindDetailPanel.java
index bf33aea..4cc23dd 100644
--- a/src/main/java/org/apache/directory/fortress/web/panel/AuditBindDetailPanel.java
+++ b/src/main/java/org/apache/directory/fortress/web/panel/AuditBindDetailPanel.java
@@ -21,7 +21,8 @@
 package org.apache.directory.fortress.web.panel;
 
 
-import org.apache.directory.fortress.web.GlobalUtils;
+import org.apache.directory.fortress.web.AuditUtils;
+import org.apache.directory.fortress.web.SecUtils;
 import org.apache.directory.fortress.web.SelectModelEvent;
 import org.apache.log4j.Logger;
 import org.apache.wicket.Component;
@@ -68,8 +69,8 @@ public class AuditBindDetailPanel extends FormComponentPanel
     public AuditBindDetailPanel( String id, Displayable display )
     {
         super( id );
-        this.auditMgr.setAdmin( GlobalUtils.getRbacSession( this ) );
-        this.reviewMgr.setAdmin( GlobalUtils.getRbacSession( this ) );
+        this.auditMgr.setAdmin( SecUtils.getSession( this ) );
+        this.reviewMgr.setAdmin( SecUtils.getSession( this ) );
         this.detailForm = new AuditBindDetailForm( GlobalIds.DETAIL_FIELDS,
             new CompoundPropertyModel<Bind>( new Bind() ) );
         this.display = display;
@@ -135,7 +136,7 @@ public class AuditBindDetailPanel extends FormComponentPanel
                 Bind bind = ( Bind ) detailForm.getModelObject();
                 if ( VUtil.isNotNullOrEmpty( bind.getReqDN() ) )
                 {
-                    user = GlobalUtils.getUser( reviewMgr, bind.getReqDN() );
+                    user = AuditUtils.getUser( reviewMgr, bind.getReqDN() );
                 }
                 if ( user == null )
                 {

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/panel/AuditBindListPanel.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/panel/AuditBindListPanel.java b/src/main/java/org/apache/directory/fortress/web/panel/AuditBindListPanel.java
index 757b346..e5482d6 100644
--- a/src/main/java/org/apache/directory/fortress/web/panel/AuditBindListPanel.java
+++ b/src/main/java/org/apache/directory/fortress/web/panel/AuditBindListPanel.java
@@ -23,10 +23,10 @@ package org.apache.directory.fortress.web.panel;
 
 import com.googlecode.wicket.kendo.ui.form.datetime.DatePicker;
 import com.inmethod.grid.IGridColumn;
-import com.inmethod.grid.SizeUnit;
 import com.inmethod.grid.column.PropertyColumn;
 import com.inmethod.grid.treegrid.TreeGrid;
 
+import org.apache.directory.fortress.web.AuditUtils;
 import org.apache.log4j.Logger;
 import org.apache.wicket.Component;
 import org.apache.wicket.ajax.AjaxRequestTarget;
@@ -43,7 +43,7 @@ import org.apache.wicket.model.IModel;
 import org.apache.directory.fortress.web.AuditBindListModel;
 import org.apache.directory.fortress.web.AuditBindPage;
 import org.apache.directory.fortress.web.GlobalIds;
-import org.apache.directory.fortress.web.GlobalUtils;
+import org.apache.directory.fortress.web.SecUtils;
 import org.apache.directory.fortress.web.SecureIndicatingAjaxButton;
 import org.apache.directory.fortress.web.SecureIndicatingAjaxLink;
 import org.apache.directory.fortress.web.SelectModelEvent;
@@ -58,7 +58,6 @@ import org.apache.directory.fortress.core.util.attr.VUtil;
 
 import javax.swing.tree.DefaultMutableTreeNode;
 import javax.swing.tree.DefaultTreeModel;
-import javax.swing.tree.TreeNode;
 
 import java.text.ParseException;
 import java.text.SimpleDateFormat;
@@ -97,7 +96,7 @@ public class AuditBindListPanel extends FormComponentPanel
 
     private void init( UserAudit userAudit )
     {
-        pageModel = new AuditBindListModel( userAudit, GlobalUtils.getRbacSession( this ) );
+        pageModel = new AuditBindListModel( userAudit, SecUtils.getSession( this ) );
         setDefaultModel( pageModel );
         createAndLoadGrid();
         this.listForm = new Form( "bindform" );
@@ -451,7 +450,7 @@ public class AuditBindListPanel extends FormComponentPanel
             {
                 bind.setReqResult( GlobalIds.FAILURE );
             }
-            bind.setReqDN( GlobalUtils.getAuthZId( bind.getReqDN() ) );
+            bind.setReqDN( AuditUtils.getAuthZId( bind.getReqDN() ) );
             rootNode.add( new DefaultMutableTreeNode( bind ) );
         }
     }

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/panel/AuditModDetailPanel.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/panel/AuditModDetailPanel.java b/src/main/java/org/apache/directory/fortress/web/panel/AuditModDetailPanel.java
index 517e048..6766b68 100644
--- a/src/main/java/org/apache/directory/fortress/web/panel/AuditModDetailPanel.java
+++ b/src/main/java/org/apache/directory/fortress/web/panel/AuditModDetailPanel.java
@@ -25,6 +25,7 @@ import com.googlecode.wicket.jquery.core.Options;
 import com.googlecode.wicket.kendo.ui.datatable.DataTable;
 import com.googlecode.wicket.kendo.ui.datatable.column.IColumn;
 import com.googlecode.wicket.kendo.ui.datatable.column.PropertyColumn;
+import org.apache.directory.fortress.web.AuditUtils;
 import org.apache.log4j.Logger;
 import org.apache.wicket.Component;
 import org.apache.wicket.ajax.AjaxRequestTarget;
@@ -39,7 +40,7 @@ import org.apache.wicket.model.IModel;
 import org.apache.wicket.model.PropertyModel;
 import org.apache.wicket.spring.injection.annot.SpringBean;
 import org.apache.directory.fortress.web.GlobalIds;
-import org.apache.directory.fortress.web.GlobalUtils;
+import org.apache.directory.fortress.web.SecUtils;
 import org.apache.directory.fortress.web.SelectModelEvent;
 import org.apache.directory.fortress.core.AuditMgr;
 import org.apache.directory.fortress.core.ReviewMgr;
@@ -81,8 +82,8 @@ public class AuditModDetailPanel extends FormComponentPanel
     public AuditModDetailPanel( String id, Displayable display )
     {
         super( id );
-        this.auditMgr.setAdmin( GlobalUtils.getRbacSession( this ) );
-        this.reviewMgr.setAdmin( GlobalUtils.getRbacSession( this ) );
+        this.auditMgr.setAdmin( SecUtils.getSession( this ) );
+        this.reviewMgr.setAdmin( SecUtils.getSession( this ) );
         this.detailForm = new AuditAuthzDetailForm( GlobalIds.DETAIL_FIELDS, new CompoundPropertyModel<Mod>( new Mod() ) );
         this.display = display;
         add( detailForm );
@@ -150,7 +151,7 @@ public class AuditModDetailPanel extends FormComponentPanel
                     ftModifier = modifications.get( indx ).getValue();
                     if ( VUtil.isNotNullOrEmpty( ftModifier ) )
                     {
-                        user = GlobalUtils.getUserByInternalId( reviewMgr, ftModifier );
+                        user = AuditUtils.getUserByInternalId( reviewMgr, ftModifier );
                         userId = user.getUserId();
                     }
                 }

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/panel/AuditModListPanel.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/panel/AuditModListPanel.java b/src/main/java/org/apache/directory/fortress/web/panel/AuditModListPanel.java
index 5085d3a..0a40bc2 100644
--- a/src/main/java/org/apache/directory/fortress/web/panel/AuditModListPanel.java
+++ b/src/main/java/org/apache/directory/fortress/web/panel/AuditModListPanel.java
@@ -23,7 +23,6 @@ package org.apache.directory.fortress.web.panel;
 
 import com.googlecode.wicket.kendo.ui.form.datetime.DatePicker;
 import com.inmethod.grid.IGridColumn;
-import com.inmethod.grid.SizeUnit;
 import com.inmethod.grid.column.PropertyColumn;
 import com.inmethod.grid.treegrid.TreeGrid;
 
@@ -42,7 +41,7 @@ import org.apache.wicket.model.IModel;
 import org.apache.directory.fortress.web.AuditModListModel;
 import org.apache.directory.fortress.web.AuditModPage;
 import org.apache.directory.fortress.web.GlobalIds;
-import org.apache.directory.fortress.web.GlobalUtils;
+import org.apache.directory.fortress.web.SecUtils;
 import org.apache.directory.fortress.web.SecureIndicatingAjaxButton;
 import org.apache.directory.fortress.web.SecureIndicatingAjaxLink;
 import org.apache.directory.fortress.web.SelectModelEvent;
@@ -58,7 +57,6 @@ import org.apache.directory.fortress.core.util.attr.VUtil;
 
 import javax.swing.tree.DefaultMutableTreeNode;
 import javax.swing.tree.DefaultTreeModel;
-import javax.swing.tree.TreeNode;
 
 import java.text.ParseException;
 import java.text.SimpleDateFormat;
@@ -100,7 +98,7 @@ public class AuditModListPanel extends FormComponentPanel
 
     private void init( UserAudit userAudit )
     {
-        pageModel = new AuditModListModel( userAudit, GlobalUtils.getRbacSession( this ) );
+        pageModel = new AuditModListModel( userAudit, SecUtils.getSession( this ) );
         setDefaultModel( pageModel );
         createAndLoadGrid();
         this.listForm = new Form( "modform" );

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/panel/GroupDetailPanel.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/panel/GroupDetailPanel.java b/src/main/java/org/apache/directory/fortress/web/panel/GroupDetailPanel.java
index 811f54b..b20a0a9 100644
--- a/src/main/java/org/apache/directory/fortress/web/panel/GroupDetailPanel.java
+++ b/src/main/java/org/apache/directory/fortress/web/panel/GroupDetailPanel.java
@@ -28,6 +28,9 @@ import com.googlecode.wicket.kendo.ui.datatable.column.CommandsColumn;
 import com.googlecode.wicket.kendo.ui.datatable.column.IColumn;
 import com.googlecode.wicket.kendo.ui.datatable.column.PropertyColumn;
 import com.googlecode.wicket.kendo.ui.form.combobox.ComboBox;
+import org.apache.directory.api.ldap.model.exception.LdapInvalidDnException;
+import org.apache.directory.api.ldap.model.name.Dn;
+import org.apache.directory.api.ldap.model.name.Rdn;
 import org.apache.log4j.Logger;
 import org.apache.wicket.Component;
 import org.apache.wicket.ajax.AjaxRequestTarget;
@@ -47,7 +50,7 @@ import org.apache.wicket.model.IModel;
 import org.apache.wicket.model.PropertyModel;
 import org.apache.wicket.spring.injection.annot.SpringBean;
 import org.apache.directory.fortress.web.GlobalIds;
-import org.apache.directory.fortress.web.GlobalUtils;
+import org.apache.directory.fortress.web.SecUtils;
 import org.apache.directory.fortress.web.SaveModelEvent;
 import org.apache.directory.fortress.web.SecureIndicatingAjaxButton;
 import org.apache.directory.fortress.web.SelectModelEvent;
@@ -76,7 +79,6 @@ public class GroupDetailPanel extends FormComponentPanel
     private Displayable display;
     public static final int ROWS = 5;
 
-
     public Form getForm()
     {
         return this.editForm;
@@ -87,7 +89,7 @@ public class GroupDetailPanel extends FormComponentPanel
     {
         super( id );
 
-        this.groupMgr.setAdmin( GlobalUtils.getRbacSession( this ) );
+        this.groupMgr.setAdmin( SecUtils.getSession( this ) );
         this.editForm = new GroupDetailForm( GlobalIds.EDIT_FIELDS, new CompoundPropertyModel<Group>( new Group() ) );
         editForm.setOutputMarkupId( true );
         this.display = display;
@@ -523,7 +525,7 @@ public class GroupDetailPanel extends FormComponentPanel
                         try
                         {
                             // TODO: figure out how to get the table to refresh its values here:
-                            String userId = GlobalUtils.getRdn( memberAssign );
+                            String userId = getRdn( memberAssign );
                             Group newGroup = groupMgr.assign( group, userId );
                             group.setMembers( newGroup.getMembers() );
 
@@ -765,7 +767,7 @@ public class GroupDetailPanel extends FormComponentPanel
                         try
                         {
                             // TODO: figure out how to get the table to refresh its values here:
-                            String userId = GlobalUtils.getRdn( value );
+                            String userId = getRdn( value );
                             Group newGroup = groupMgr.deassign( group, userId );
                             group.setMembers( newGroup.getMembers() );
                             table.refresh( target );
@@ -786,6 +788,31 @@ public class GroupDetailPanel extends FormComponentPanel
             addOrReplace( table );
         }
 
+        /**
+         * Method will retrieve the relative distinguished name from a distinguished name variable.
+         *
+         * @param szDn contains ldap distinguished name.
+         * @return rDn as string.
+         */
+        private String getRdn( String szDn )
+        {
+            String szRdn = null;
+            try
+            {
+                Dn dn = new Dn( szDn );
+                Rdn rDn = dn.getRdn();
+                szRdn = rDn.getName();
+            }
+            catch ( LdapInvalidDnException e )
+            {
+                String error = "GlobalUtils.getRdn dn: " + szDn + ", caught LdapInvalidDnException:" + e;
+                throw new RuntimeException( error );
+
+            }
+            return szRdn;
+        }
+
+
 
         public String getMemberAssign()
         {

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/panel/GroupListPanel.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/panel/GroupListPanel.java b/src/main/java/org/apache/directory/fortress/web/panel/GroupListPanel.java
index 6ec1bd7..b41438a 100644
--- a/src/main/java/org/apache/directory/fortress/web/panel/GroupListPanel.java
+++ b/src/main/java/org/apache/directory/fortress/web/panel/GroupListPanel.java
@@ -22,7 +22,6 @@ package org.apache.directory.fortress.web.panel;
 
 
 import com.inmethod.grid.IGridColumn;
-import com.inmethod.grid.SizeUnit;
 import com.inmethod.grid.column.PropertyColumn;
 import com.inmethod.grid.treegrid.TreeGrid;
 import org.apache.log4j.Logger;
@@ -40,7 +39,7 @@ import org.apache.wicket.markup.html.form.TextField;
 import org.apache.wicket.model.IModel;
 import org.apache.wicket.model.PropertyModel;
 import org.apache.directory.fortress.web.GlobalIds;
-import org.apache.directory.fortress.web.GlobalUtils;
+import org.apache.directory.fortress.web.SecUtils;
 import org.apache.directory.fortress.web.GroupListModel;
 import org.apache.directory.fortress.web.SaveModelEvent;
 import org.apache.directory.fortress.web.SecureIndicatingAjaxButton;
@@ -55,7 +54,6 @@ import org.apache.directory.fortress.core.util.attr.VUtil;
 
 import javax.swing.tree.DefaultMutableTreeNode;
 import javax.swing.tree.DefaultTreeModel;
-import javax.swing.tree.TreeNode;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
@@ -87,7 +85,7 @@ public class GroupListPanel extends FormComponentPanel
     public GroupListPanel( String id )
     {
         super( id );
-        GroupListModel groupListModel = new GroupListModel( new Group( "" ), GlobalUtils.getRbacSession( this ) );
+        GroupListModel groupListModel = new GroupListModel( new Group( "" ), SecUtils.getSession( this ) );
         setDefaultModel( groupListModel );
         addGrid();
         radioGroup = new RadioGroup( "searchOptions", new PropertyModel( this, "selectedRadioButton" ) );
@@ -146,7 +144,7 @@ public class GroupListPanel extends FormComponentPanel
                         srchObject.setMember( searchVal );
                         break;
                 }
-                setDefaultModel( new GroupListModel( srchObject, GlobalUtils.getRbacSession( this ) ) );
+                setDefaultModel( new GroupListModel( srchObject, SecUtils.getSession( this ) ) );
                 treeModel.reload();
                 rootNode.removeAllChildren();
                 List<Group> groups = ( List<Group> ) getDefaultModelObject();

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/panel/NavPanel.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/panel/NavPanel.java b/src/main/java/org/apache/directory/fortress/web/panel/NavPanel.java
index ef2f72d..2d99ba9 100644
--- a/src/main/java/org/apache/directory/fortress/web/panel/NavPanel.java
+++ b/src/main/java/org/apache/directory/fortress/web/panel/NavPanel.java
@@ -662,7 +662,7 @@ public class NavPanel extends FormComponentPanel
                             try
                             {
                                 TestAuthorization testSecurity = new TestAuthorization();
-                                boolean result = testSecurity.checkAccess( GlobalUtils.getRbacSession( this ), "foo", "fighters" );
+                                boolean result = testSecurity.checkAccess( GlobalUtils.getSession( this ), "foo", "fighters" );
                                 Thread.sleep( 1000 );
                             }
                             catch ( InterruptedException e )

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/panel/OUDetailPanel.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/panel/OUDetailPanel.java b/src/main/java/org/apache/directory/fortress/web/panel/OUDetailPanel.java
index 157d8ff..9b1bf1e 100644
--- a/src/main/java/org/apache/directory/fortress/web/panel/OUDetailPanel.java
+++ b/src/main/java/org/apache/directory/fortress/web/panel/OUDetailPanel.java
@@ -40,7 +40,7 @@ import org.apache.wicket.model.IModel;
 import org.apache.wicket.model.PropertyModel;
 import org.apache.wicket.spring.injection.annot.SpringBean;
 import org.apache.directory.fortress.web.GlobalIds;
-import org.apache.directory.fortress.web.GlobalUtils;
+import org.apache.directory.fortress.web.SecUtils;
 import org.apache.directory.fortress.web.SaveModelEvent;
 import org.apache.directory.fortress.web.SecureIndicatingAjaxButton;
 import org.apache.directory.fortress.web.SelectModelEvent;
@@ -78,7 +78,7 @@ public class OUDetailPanel extends FormComponentPanel
     public OUDetailPanel( String id, Displayable display, boolean isUser )
     {
         super( id );
-        this.delAdminMgr.setAdmin( GlobalUtils.getRbacSession( this ) );
+        this.delAdminMgr.setAdmin( SecUtils.getSession( this ) );
         this.isUser = isUser;
         OrgUnit ou = new OrgUnit();
         if ( isUser )

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/panel/OUListPanel.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/panel/OUListPanel.java b/src/main/java/org/apache/directory/fortress/web/panel/OUListPanel.java
index 4a07cab..893bfc1 100644
--- a/src/main/java/org/apache/directory/fortress/web/panel/OUListPanel.java
+++ b/src/main/java/org/apache/directory/fortress/web/panel/OUListPanel.java
@@ -22,7 +22,6 @@ package org.apache.directory.fortress.web.panel;
 
 
 import com.inmethod.grid.IGridColumn;
-import com.inmethod.grid.SizeUnit;
 import com.inmethod.grid.column.PropertyColumn;
 import com.inmethod.grid.treegrid.TreeGrid;
 import org.apache.log4j.Logger;
@@ -36,7 +35,7 @@ import org.apache.wicket.markup.html.form.TextField;
 import org.apache.wicket.model.IModel;
 import org.apache.wicket.model.PropertyModel;
 import org.apache.directory.fortress.web.GlobalIds;
-import org.apache.directory.fortress.web.GlobalUtils;
+import org.apache.directory.fortress.web.SecUtils;
 import org.apache.directory.fortress.web.OUListModel;
 import org.apache.directory.fortress.web.SaveModelEvent;
 import org.apache.directory.fortress.web.SecureIndicatingAjaxButton;
@@ -49,7 +48,6 @@ import org.apache.directory.fortress.core.util.attr.VUtil;
 
 import javax.swing.tree.DefaultMutableTreeNode;
 import javax.swing.tree.DefaultTreeModel;
-import javax.swing.tree.TreeNode;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
@@ -90,7 +88,7 @@ public class OUListPanel extends FormComponentPanel
             searchLabel = "Perm OU Name";
         }
 
-        OUListModel ouListModel = new OUListModel( orgUnit, GlobalUtils.getRbacSession( this ) );
+        OUListModel ouListModel = new OUListModel( orgUnit, SecUtils.getSession( this ) );
         setDefaultModel( ouListModel );
         List<IGridColumn<DefaultTreeModel, DefaultMutableTreeNode, String>> columns = new ArrayList<IGridColumn<DefaultTreeModel, DefaultMutableTreeNode, String>>();
         PropertyColumn name = new PropertyColumn<DefaultTreeModel, DefaultMutableTreeNode, String,
@@ -178,7 +176,7 @@ public class OUListPanel extends FormComponentPanel
                     srchOu.setType( OrgUnit.Type.PERM );
                 }
                 srchOu.setName( searchVal );
-                setDefaultModel( new OUListModel( srchOu, GlobalUtils.getRbacSession( this ) ) );
+                setDefaultModel( new OUListModel( srchOu, SecUtils.getSession( this ) ) );
                 treeModel.reload();
                 rootNode.removeAllChildren();
                 List<OrgUnit> orgUnits1 = ( List<OrgUnit> ) getDefaultModelObject();

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/panel/OUSearchModalPanel.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/panel/OUSearchModalPanel.java b/src/main/java/org/apache/directory/fortress/web/panel/OUSearchModalPanel.java
index 7f86b58..e7f4bbf 100644
--- a/src/main/java/org/apache/directory/fortress/web/panel/OUSearchModalPanel.java
+++ b/src/main/java/org/apache/directory/fortress/web/panel/OUSearchModalPanel.java
@@ -38,7 +38,7 @@ import org.apache.wicket.markup.html.panel.Panel;
 import org.apache.wicket.model.LoadableDetachableModel;
 import org.apache.wicket.model.PropertyModel;
 import org.apache.wicket.spring.injection.annot.SpringBean;
-import org.apache.directory.fortress.web.GlobalUtils;
+import org.apache.directory.fortress.web.SecUtils;
 import org.apache.directory.fortress.core.DelReviewMgr;
 import org.apache.directory.fortress.core.rbac.OrgUnit;
 
@@ -67,7 +67,7 @@ public class OUSearchModalPanel extends Panel
     public OUSearchModalPanel( String id, ModalWindow window, boolean isUser )
     {
         super( id );
-        this.delReviewMgr.setAdmin( GlobalUtils.getRbacSession( this ) );
+        this.delReviewMgr.setAdmin( SecUtils.getSession( this ) );
         this.window = window;
         this.isUser = isUser;
         loadPanel();

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/panel/ObjectDetailPanel.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/panel/ObjectDetailPanel.java b/src/main/java/org/apache/directory/fortress/web/panel/ObjectDetailPanel.java
index 1809949..9bab27b 100644
--- a/src/main/java/org/apache/directory/fortress/web/panel/ObjectDetailPanel.java
+++ b/src/main/java/org/apache/directory/fortress/web/panel/ObjectDetailPanel.java
@@ -38,7 +38,7 @@ import org.apache.wicket.model.CompoundPropertyModel;
 import org.apache.wicket.model.IModel;
 import org.apache.wicket.spring.injection.annot.SpringBean;
 import org.apache.directory.fortress.web.GlobalIds;
-import org.apache.directory.fortress.web.GlobalUtils;
+import org.apache.directory.fortress.web.SecUtils;
 import org.apache.directory.fortress.web.SaveModelEvent;
 import org.apache.directory.fortress.web.SecureIndicatingAjaxButton;
 import org.apache.directory.fortress.web.SelectModelEvent;
@@ -80,7 +80,7 @@ public class ObjectDetailPanel extends FormComponentPanel
         else
             objName = GlobalIds.ADMIN_MGR;
 
-        this.adminMgr.setAdmin( GlobalUtils.getRbacSession( this ) );
+        this.adminMgr.setAdmin( SecUtils.getSession( this ) );
         this.editForm = new ObjectDetailForm( GlobalIds.EDIT_FIELDS, new CompoundPropertyModel<PermObj>( new PermObj() ) );
         this.display = display;
         add( editForm );

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/panel/ObjectListPanel.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/panel/ObjectListPanel.java b/src/main/java/org/apache/directory/fortress/web/panel/ObjectListPanel.java
index 49a3c0d..c07ddc7 100644
--- a/src/main/java/org/apache/directory/fortress/web/panel/ObjectListPanel.java
+++ b/src/main/java/org/apache/directory/fortress/web/panel/ObjectListPanel.java
@@ -22,7 +22,6 @@ package org.apache.directory.fortress.web.panel;
 
 
 import com.inmethod.grid.IGridColumn;
-import com.inmethod.grid.SizeUnit;
 import com.inmethod.grid.column.PropertyColumn;
 import com.inmethod.grid.treegrid.TreeGrid;
 import org.apache.log4j.Logger;
@@ -40,7 +39,7 @@ import org.apache.wicket.markup.html.form.TextField;
 import org.apache.wicket.model.IModel;
 import org.apache.wicket.model.PropertyModel;
 import org.apache.directory.fortress.web.GlobalIds;
-import org.apache.directory.fortress.web.GlobalUtils;
+import org.apache.directory.fortress.web.SecUtils;
 import org.apache.directory.fortress.web.ObjectListModel;
 import org.apache.directory.fortress.web.SaveModelEvent;
 import org.apache.directory.fortress.web.SecureIndicatingAjaxButton;
@@ -55,7 +54,6 @@ import org.apache.directory.fortress.core.util.attr.VUtil;
 
 import javax.swing.tree.DefaultMutableTreeNode;
 import javax.swing.tree.DefaultTreeModel;
-import javax.swing.tree.TreeNode;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
@@ -90,7 +88,7 @@ public class ObjectListPanel extends FormComponentPanel
         super( id );
         this.isAdmin = isAdmin;
         ObjectListModel objectListModel = new ObjectListModel( new PermObj( "" ), isAdmin,
-            GlobalUtils.getRbacSession( this ) );
+            SecUtils.getSession( this ) );
         setDefaultModel( objectListModel );
         addGrid();
         radioGroup = new RadioGroup( "searchOptions", new PropertyModel( this, "selectedRadioButton" ) );
@@ -150,7 +148,7 @@ public class ObjectListPanel extends FormComponentPanel
                         break;
                 }
                 setDefaultModel( new ObjectListModel( srchObject, isAdmin,
-                    GlobalUtils.getRbacSession( this ) ) );
+                    SecUtils.getSession( this ) ) );
                 treeModel.reload();
                 rootNode.removeAllChildren();
                 List<PermObj> permObjs = ( List<PermObj> ) getDefaultModelObject();

http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/8fb94a07/src/main/java/org/apache/directory/fortress/web/panel/ObjectSearchModalPanel.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/panel/ObjectSearchModalPanel.java b/src/main/java/org/apache/directory/fortress/web/panel/ObjectSearchModalPanel.java
index c243722..93b9fa9 100644
--- a/src/main/java/org/apache/directory/fortress/web/panel/ObjectSearchModalPanel.java
+++ b/src/main/java/org/apache/directory/fortress/web/panel/ObjectSearchModalPanel.java
@@ -38,7 +38,7 @@ import org.apache.wicket.markup.html.panel.Panel;
 import org.apache.wicket.model.LoadableDetachableModel;
 import org.apache.wicket.model.PropertyModel;
 import org.apache.wicket.spring.injection.annot.SpringBean;
-import org.apache.directory.fortress.web.GlobalUtils;
+import org.apache.directory.fortress.web.SecUtils;
 import org.apache.directory.fortress.core.ReviewMgr;
 import org.apache.directory.fortress.core.rbac.PermObj;
 
@@ -67,7 +67,7 @@ public class ObjectSearchModalPanel extends Panel
     public ObjectSearchModalPanel( String id, ModalWindow window, final boolean isAdmin )
     {
         super( id );
-        this.reviewMgr.setAdmin( GlobalUtils.getRbacSession( this ) );
+        this.reviewMgr.setAdmin( SecUtils.getSession( this ) );
         this.window = window;
         loadPanel();
     }


Mime
View raw message