Re: [Wicket-user] To SSL And Back
Hi Nick, Did you find a solution for moving from HTTP to HTTPS and then back. I need to do the same in one of the wicket projects i am working. At the moment i am using acegi's ChannelProcessingFilter to do this. Don't know if this is the ideal solution, if there is any better (Wicket) way of doing it , i would like to go that way. Thanks Dipu - Original Message - From: Nick Heudecker To: wicket-user@lists.sourceforge.net Sent: Tuesday, December 06, 2005 4:32 PM Subject: [Wicket-user] To SSL And Back Is there a recommended way, within Wicket, to move a user from HTTP to HTTPS for one or several pages, then move them back to HTTP? This is handled within Struts by the SSLEXT package. Thanks for your time.
Re: [Wicket-user] To SSL And Back
I'm working on adding the functionality to Wicket. Should be a few more days. On 12/20/05, Dipu [EMAIL PROTECTED] wrote: Hi Nick, Did you find a solution for moving from HTTP to HTTPS and then back. I need to do the same in one of the wicket projects i am working. At the moment i am using acegi's ChannelProcessingFilter to do this. Don't know if this is the ideal solution, if there is any better (Wicket) way of doing it , i would like to go that way. Thanks Dipu - Original Message - From: Nick Heudecker To: wicket-user@lists.sourceforge.net Sent: Tuesday, December 06, 2005 4:32 PM Subject: [Wicket-user] To SSL And Back Is there a recommended way, within Wicket, to move a user from HTTP to HTTPS for one or several pages, then move them back to HTTP? This is handled within Struts by the SSLEXT package. Thanks for your time.
[Wicket-user] To SSL And Back
Is there a recommended way, within Wicket, to move a user from HTTP to HTTPS for one or several pages, then move them back to HTTP? This is handled within Struts by the SSLEXT package. Thanks for your time.
Re: [Wicket-user] To SSL And Back
I don't know. What is the main problem you are having (hard coding url's probably), and do you have an idea of how support should look like? For instance, would it (ssl/ normal) be something you could configure your page maps with? Any other people been doing this? How do competing frameworks (non-model 2) do this? Eelco On 12/6/05, Nick Heudecker [EMAIL PROTECTED] wrote: Is there a recommended way, within Wicket, to move a user from HTTP to HTTPS for one or several pages, then move them back to HTTP? This is handled within Struts by the SSLEXT package. Thanks for your time. --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_idv37alloc_id865op=click ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
Re: [Wicket-user] To SSL And Back
I'd like to either see something like WebPage.isSecure() or WebPage.getScheme(), like Christian suggested. I don't think redirecting to an HTTPS page would work in checkAccess() because I believe form properties from a POST would be lost. On 12/6/05, Christian Essl [EMAIL PROTECTED] wrote: There was some discussion on the lists where Phil recommended a methodWebPage.isSecure() which than indicates to make redirect to a https URL. Idon't see this method, because I think you can implement it yourself with overrideing checkAcess() and than redirect yourself if no https (seehttp://sourceforge.net/mailarchive/message.php?msg_id=12587490 and search the users list for SSL)In tapestry you can set the scheme (https) for links manually and check invalidate() that the actual scheme is https.Mayb WebPage could have a getScheme() like getMarkupType()? ChristianOn Tue, 6 Dec 2005 09:52:10 -0800, Eelco Hillenius[EMAIL PROTECTED] wrote: I don't know. What is the main problem you are having (hard coding url's probably), and do you have an idea of how support should look like? For instance, would it (ssl/ normal) be something you could configure your page maps with? Any other people been doing this? How do competing frameworks (non-model 2) do this? Eelco On 12/6/05, Nick Heudecker [EMAIL PROTECTED] wrote: Is there a recommended way, within Wicket, to move a user from HTTP to HTTPS for one or several pages, then move them back to HTTP?This is handled within Struts by the SSLEXT package. Thanks for your time. --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems?Stop!Download the new AJAX search engine that makes searching your log files as easy as surfing theweb.DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_idv37alloc_id865op=click ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user--Christian Essl___Gesendet von Yahoo! Mail - Jetzt mit 1GB Speicher kostenlos - Hier anmelden: http://mail.yahoo.de---This SF.net email is sponsored by: Splunk Inc. Do you grep through log filesfor problems?Stop!Download the new AJAX search engine that makes searching your log files as easy as surfing theweb.DOWNLOAD SPLUNK!http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click ___Wicket-user mailing listWicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
Re: [Wicket-user] To SSL And Back
I'm a bit tied up at the moment, but patches would be welcome :) Eelco On 12/6/05, Nick Heudecker [EMAIL PROTECTED] wrote: I'd like to either see something like WebPage.isSecure() or WebPage.getScheme(), like Christian suggested. I don't think redirecting to an HTTPS page would work in checkAccess() because I believe form properties from a POST would be lost. On 12/6/05, Christian Essl [EMAIL PROTECTED] wrote: There was some discussion on the lists where Phil recommended a method WebPage.isSecure() which than indicates to make redirect to a https URL. I don't see this method, because I think you can implement it yourself with overrideing checkAcess() and than redirect yourself if no https (see http://sourceforge.net/mailarchive/message.php?msg_id=12587490 and search the users list for SSL) In tapestry you can set the scheme (https) for links manually and check in validate() that the actual scheme is https. Mayb WebPage could have a getScheme() like getMarkupType()? Christian On Tue, 6 Dec 2005 09:52:10 -0800, Eelco Hillenius [EMAIL PROTECTED] wrote: I don't know. What is the main problem you are having (hard coding url's probably), and do you have an idea of how support should look like? For instance, would it (ssl/ normal) be something you could configure your page maps with? Any other people been doing this? How do competing frameworks (non-model 2) do this? Eelco On 12/6/05, Nick Heudecker [EMAIL PROTECTED] wrote: Is there a recommended way, within Wicket, to move a user from HTTP to HTTPS for one or several pages, then move them back to HTTP? This is handled within Struts by the SSLEXT package. Thanks for your time. --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_idv37alloc_id865op=click ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user -- Christian Essl ___ Gesendet von Yahoo! Mail - Jetzt mit 1GB Speicher kostenlos - Hier anmelden: http://mail.yahoo.de --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_idv37alloc_id865op=click ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
Re: [Wicket-user] To SSL And Back
On 12/6/05, Nick Heudecker [EMAIL PROTECTED] wrote: I don't think redirecting to an HTTPS page would work in checkAccess() because I believe form properties from a POST would be lost. Unless you redirect with 307 which is supported by modern browsers (umm, differently). But in this case the proper browser would presend a confirmation dialog, which does not look pretty. http://ppewww.ph.gla.ac.uk/~flavell/www/post-redirect.html Michael. --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_idv37alloc_id865op=click ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
Re: [Wicket-user] To SSL And Back
Okay. I'm guessing this would impact WebPage and possibly the Link class. Anything else you think I should look at?On 12/6/05, Eelco Hillenius [EMAIL PROTECTED] wrote:I'm a bit tied up at the moment, but patches would be welcome :) EelcoOn 12/6/05, Nick Heudecker [EMAIL PROTECTED] wrote: I'd like to either see something like WebPage.isSecure() or WebPage.getScheme (), like Christian suggested.I don't think redirecting to an HTTPS page would work in checkAccess() because I believe form properties from a POST would be lost. On 12/6/05, Christian Essl [EMAIL PROTECTED] wrote: There was some discussion on the lists where Phil recommended a method WebPage.isSecure() which than indicates to make redirect to a https URL. I don't see this method, because I think you can implement it yourself with overrideing checkAcess() and than redirect yourself if no https (see http://sourceforge.net/mailarchive/message.php?msg_id=12587490 and search the users list for SSL) In tapestry you can set the scheme (https) for links manually and check in validate() that the actual scheme is https. Mayb WebPage could have a getScheme() like getMarkupType()? Christian On Tue, 6 Dec 2005 09:52:10 -0800, Eelco Hillenius [EMAIL PROTECTED] wrote:I don't know. What is the main problem you are having (hard coding url's probably), and do you have an idea of how support should look like? For instance, would it (ssl/ normal) be something you could configure your page maps with? Any other people been doing this? How do competing frameworks (non-model 2) do this? Eelco On 12/6/05, Nick Heudecker [EMAIL PROTECTED] wrote: Is there a recommended way, within Wicket, to move a user from HTTP to HTTPS for one or several pages, then move them back to HTTP?This is handled within Struts by the SSLEXT package. Thanks for your time. --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems?Stop!Download the new AJAX search engine that makes searching your log files as easy as surfing theweb.DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_idv37alloc_id865op=click ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user -- Christian Essl ___ Gesendet von Yahoo! Mail - Jetzt mit 1GB Speicher kostenlos - Hier anmelden: http://mail.yahoo.de --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems?Stop!Download the new AJAX search engine that makes searching your log files as easy as surfing theweb.DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user ---This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems?Stop!Download the new AJAX search engine that makessearching your log files as easy as surfing theweb.DOWNLOAD SPLUNK!http://ads.osdn.com/?ad_idv37alloc_id865opclick ___Wicket-user mailing listWicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
Re: [Wicket-user] To SSL And Back
I'd take a look at Page.urlFor()-urlPrefix(). However I do not know how this plays together with the new refactorings. Christian On Tue, 6 Dec 2005 15:37:24 -0600, Nick Heudecker [EMAIL PROTECTED] wrote: Okay. I'm guessing this would impact WebPage and possibly the Link class. Anything else you think I should look at? On 12/6/05, Eelco Hillenius [EMAIL PROTECTED] wrote: I'm a bit tied up at the moment, but patches would be welcome :) Eelco On 12/6/05, Nick Heudecker [EMAIL PROTECTED] wrote: I'd like to either see something like WebPage.isSecure() or WebPage.getScheme(), like Christian suggested. I don't think redirecting to an HTTPS page would work in checkAccess() because I believe form properties from a POST would be lost. On 12/6/05, Christian Essl [EMAIL PROTECTED] wrote: There was some discussion on the lists where Phil recommended a method WebPage.isSecure() which than indicates to make redirect to a https URL. I don't see this method, because I think you can implement it yourself with overrideing checkAcess() and than redirect yourself if no https (see http://sourceforge.net/mailarchive/message.php?msg_id=12587490 and search the users list for SSL) In tapestry you can set the scheme (https) for links manually and check in validate() that the actual scheme is https. Mayb WebPage could have a getScheme() like getMarkupType()? Christian On Tue, 6 Dec 2005 09:52:10 -0800, Eelco Hillenius [EMAIL PROTECTED] wrote: I don't know. What is the main problem you are having (hard coding url's probably), and do you have an idea of how support should look like? For instance, would it (ssl/ normal) be something you could configure your page maps with? Any other people been doing this? How do competing frameworks (non-model 2) do this? Eelco On 12/6/05, Nick Heudecker [EMAIL PROTECTED] wrote: Is there a recommended way, within Wicket, to move a user from HTTP to HTTPS for one or several pages, then move them back to HTTP? This is handled within Struts by the SSLEXT package. Thanks for your time. --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_idv37alloc_id865op=click ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user -- Christian Essl ___ Gesendet von Yahoo! Mail - Jetzt mit 1GB Speicher kostenlos - Hier anmelden: http://mail.yahoo.de --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_idv37alloc_id865opclick ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user -- Christian Essl ___ Gesendet von Yahoo! Mail - Jetzt mit 1GB Speicher kostenlos - Hier anmelden: http://mail.yahoo.de --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user