Cookie, WebRequest and mount point
Hi. During the login I set a cookie called login. It works but when I want to logout, getWebRequest().getCookie(login) does not found the cookie so it does not remove it. The user is redirected to the LoginPage where it still found the original cookie that auto login the client. Why? Because the first time I search for the cookie, WebRequest have context / while the second time, in the LoginPage, has context /login. The reason is that the public page, when user land when is not logged in, is mounted this way: mountBookmarkablePage(login, LoginPage.class); this make the cookie be set for WebRequest with context /public. Logout link instead search for WebRequest with context /, with no cookie, so it cannot remove the old one and the user is logged out and logged in again automatically. In fact, If I do not mount pages, everything works. But I want to have nice URL. It is not important that landing page is /public, I would prefere that both landing page and home page (after signing in), have just / context. How can I achieve this? Any ideas? Thanks! -- Daniele Dellafiore http://danieledellafiore.net
Re: Cookie, WebRequest and mount point
always save your cookies using the / path -igor On Thu, Mar 18, 2010 at 10:14 AM, Daniele Dellafiore ilde...@gmail.com wrote: Hi. During the login I set a cookie called login. It works but when I want to logout, getWebRequest().getCookie(login) does not found the cookie so it does not remove it. The user is redirected to the LoginPage where it still found the original cookie that auto login the client. Why? Because the first time I search for the cookie, WebRequest have context / while the second time, in the LoginPage, has context /login. The reason is that the public page, when user land when is not logged in, is mounted this way: mountBookmarkablePage(login, LoginPage.class); this make the cookie be set for WebRequest with context /public. Logout link instead search for WebRequest with context /, with no cookie, so it cannot remove the old one and the user is logged out and logged in again automatically. In fact, If I do not mount pages, everything works. But I want to have nice URL. It is not important that landing page is /public, I would prefere that both landing page and home page (after signing in), have just / context. How can I achieve this? Any ideas? Thanks! -- Daniele Dellafiore http://danieledellafiore.net - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: Cookie, WebRequest and mount point
is what I have done, I ask my self if is fine. I have backported the IAuthenticationStrategy and CookieUtils from 1.5 and CookieUtils initialize the cookie with the path. I have hacked it and it works. I wonder if I will have any other problem in future. On Thu, Mar 18, 2010 at 6:34 PM, Igor Vaynberg igor.vaynb...@gmail.comwrote: always save your cookies using the / path -igor On Thu, Mar 18, 2010 at 10:14 AM, Daniele Dellafiore ilde...@gmail.com wrote: Hi. During the login I set a cookie called login. It works but when I want to logout, getWebRequest().getCookie(login) does not found the cookie so it does not remove it. The user is redirected to the LoginPage where it still found the original cookie that auto login the client. Why? Because the first time I search for the cookie, WebRequest have context / while the second time, in the LoginPage, has context /login. The reason is that the public page, when user land when is not logged in, is mounted this way: mountBookmarkablePage(login, LoginPage.class); this make the cookie be set for WebRequest with context /public. Logout link instead search for WebRequest with context /, with no cookie, so it cannot remove the old one and the user is logged out and logged in again automatically. In fact, If I do not mount pages, everything works. But I want to have nice URL. It is not important that landing page is /public, I would prefere that both landing page and home page (after signing in), have just / context. How can I achieve this? Any ideas? Thanks! -- Daniele Dellafiore http://danieledellafiore.net - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org -- Daniele Dellafiore http://danieledellafiore.net