Author: ivaynberg
Date: Thu Aug 26 21:30:59 2010
New Revision: 989939
URL: http://svn.apache.org/viewvc?rev=989939&view=rev
Log:
Issue: WICKET-2903
Modified:
wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/HttpsConfig.java
wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/HttpsRequestCycleProcessor.java
Modified:
wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/HttpsConfig.java
URL:
http://svn.apache.org/viewvc/wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/HttpsConfig.java?rev=989939&r1=989938&r2=989939&view=diff
==============================================================================
---
wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/HttpsConfig.java
(original)
+++
wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/HttpsConfig.java
Thu Aug 26 21:30:59 2010
@@ -27,6 +27,12 @@ public class HttpsConfig
private int httpsPort = 443;
/**
+ * A flag which can be used to configure {...@link
HttpsRequestCycleProcessor} to bind or not the
+ * session before switching to secure (https) mode
+ */
+ private boolean preferStateful = true;
+
+ /**
* Constructor
*/
public HttpsConfig()
@@ -84,4 +90,31 @@ public class HttpsConfig
{
return httpsPort;
}
+
+ /**
+ * @see #setPreferStateful(boolean)
+ * @return preferStateless
+ */
+ public boolean isPreferStateful()
+ {
+ return preferStateful;
+ }
+
+ /**
+ * Sets whether or not a new session is created before redirecting from
{...@code http} to
+ * {...@code https}
+ * <p>
+ * BE VERY CAREFUL WHEN SETTING THIS VALUE TO {...@code false}.
+ *
+ * If set to {...@code false} it is possible that the session created
when in {...@code https} pages
+ * will not be accessible to {...@code http} pages, and so you may end
up with two sessions per
+ * user both potentially containing different login information.
+ * </p>
+ *
+ * @param preferStateful
+ */
+ public void setPreferStateful(boolean preferStateful)
+ {
+ this.preferStateful = preferStateful;
+ }
}
Modified:
wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/HttpsRequestCycleProcessor.java
URL:
http://svn.apache.org/viewvc/wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/HttpsRequestCycleProcessor.java?rev=989939&r1=989938&r2=989939&view=diff
==============================================================================
---
wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/HttpsRequestCycleProcessor.java
(original)
+++
wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/HttpsRequestCycleProcessor.java
Thu Aug 26 21:30:59 2010
@@ -209,9 +209,12 @@ public class HttpsRequestCycleProcessor
@Override
public IRequestTarget resolve(RequestCycle rc, RequestParameters rp)
{
+ if (portConfig.isPreferStateful())
+ {
// we need to persist the session before a redirect to https so
the session lasts across
// both http and https calls.
Session.get().bind();
+ }
IRequestTarget target = super.resolve(rc, rp);
return checkSecure(target);
