Hi, As an outsider to the Wicket developer community (sorry), I am trying to improve the response to the dreaded PageExpiredException in my application, currently with focus on non-AJAX pages.
The result of testing responses for every of my pages is horrible because almost no pages are stateless. I don't want to go the stateless path yet because in that case I feel I lose Wicket's productivity advantage. It is just too convenient to pass LDM's in page constructors compared with coding PageParameter and dealing with the obvious checks avoiding security exploits. For most stateful pages, some hierarchy will never change such as a Link, StatelessLink sign-out menu item. It is frustrating to present the user with denial of service (PageExpiredException) in case the user wants to sign out after session expiry. Users cannot understand that especially with a remember-me cookie that always gives them a session whatever they do. I am looking for a result where after expiry Wicket will execute some requests by treating the page as if it was stateless even if it isn't. This is a compromise approach, but if successful it has the advantage that the additional effort of making a page stateless would need to be spent only where it is really obvious and worth it. Obviously some things must not happen such as updating a list item where the page does not get a model for it from a default constructor. But a sign-out link which is always in the same place of the page hierarchy should get its onClick method executed. I am asking for the support of the developer community for this feature being supported inside the Wicket framework. My selling point is that from my perspective PageExpiredException is Wicket's Achilles heel, and making progress in this area, even gradually, would be beneficial for most users of the framework. Kind Regards, Bernard
