On Wed, 2007-09-26 at 16:00 +0800, Niclas Hedhman wrote:
> On Wednesday 26 September 2007 15:19, David Leangen wrote:
> > Wicket does not provide support for https out of the box. The procedure
> > is outline here:
> >
> > http://cwiki.apache.org/WICKET/how-to-switch-to-ssl-mode.html
>
> These people are insane!!!
>
> protected IRequestCycleProcessor newRequestCycleProcessor()
> {
> return new DefaultWebRequestCycleProcessor()
> {
> protected IResponseStrategy newResponseStrategy()
> {
> return new IResponseStrategy()
> {
>
> Who does anonymous classes inside anonymous classes?
> <shrug>
He he... Yeah, I found that funny, too, but ah, well.
Doesn't mean we have to do it that way.
> > I would like to add https support to my apps. However, their method says
> > to override Application, which is internal to Pax Wicket.
>
> So, the solution should be that one can register a RequestCycle factory in
> OSGi service registry, and the Application class delegates to it, if found
> otherwise delegate to the Application superclass.
> I think we should create a SSL bundle, which would enable SSL if
> loaded/started, otherwise fallback to HTTP.
I'm not so sure a separate bundle is really needed.
First off, if you look at the http service, http and https are all in
the same bundle. To me, that seems like an indication that the two are
somehow expected to be offered together, and are not so unrelated.
Second, we're talking about adding one annotation, one new class, and
overriding one method. Seems to me that adding a new bundle would be
overkill.
> > Any objections for me to add this kind of support in Pax Wicket?
>
> Not at all. This is a good use-case, as long as not an ultra-general hack is
> provided it is Ok. Also expect some serious troubles to get this to work...
>
> 1. You need a server cert.
Yep. But that's the user's concern ("user" meaning the provider of a
wicket-based https service).
> 2. You must have one IP number per cert, i.e. no virtual hosts.
Yep.
> 3. Pax Web or whatever must probably also be modified to support HTTPS.
Oh... maybe there's already an implementation around that supports
https. I can see that even Oscar did, so probably felix does, too.
Unless of course our Pax Web gurus want to add this. ;-)
I assume that Jetty already offers this out of the box, so it shouldn't
be much of a problem to add it to Pax Web at any rate.
Cheers,
David
_______________________________________________
general mailing list
general@lists.ops4j.org
http://lists.ops4j.org/mailman/listinfo/general
