RE: IE9 Memory leak when updating component with Ajax (Wicket 1.5.5)

2012-04-04 Thread Heikki Uotinen
Ok, this leak can be avoided by updating rapidly changing components with 
jQuery 
before upgrading to Wicket 6,

-Heikki

-Original Message-
From: Heikki Uotinen [mailto:heikki.uoti...@syncrontech.com] 
Sent: 3. huhtikuuta 2012 16:17
To: users@wicket.apache.org
Subject: IE9 Memory leak when updating component with Ajax (Wicket 1.5.5)

Hi,

it seems that IE9 leaks memory heavily when updating components with Ajax in 
IE9 document mode.

There is no leak after setting document to IE8 mode

meta http-equiv=X-UA-Compatible content=IE=8/

Any ideas to resolve this without forcing IE8 mode ?

There have been past issues, but found no current issue related to this, quick 
start code is very simple, Opera, Firefox, Chrome work fine.


public HomePage(final PageParameters parameters)
{
 Label testDiv = new Label(testDiv, new 
PropertyModel(this, data));
 testDiv.setOutputMarkupId(true);
 add(testDiv);

 AjaxSelfUpdatingTimerBehavior timer = new 
AjaxSelfUpdatingTimerBehavior(Duration.milliseconds(200));
 testDiv.add(timer);
}

public String getData()
{
 Date now = new Date();
 return now.toString();
}

html
head
!-- No leak if this is set
meta http-equiv=X-UA-Compatible content=IE=8/
--
/head
body
div wicket:id=testDiv/div
/body
/html

-Heikki

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



Re: IE9 Memory leak when updating component with Ajax (Wicket 1.5.5)

2012-04-04 Thread Martin Grigorov
Hi,

Can you share your findings ?
What exactly you think caused the memory leak and how exactly did you
solve it with jQuery ?

On Wed, Apr 4, 2012 at 8:14 AM, Heikki Uotinen
heikki.uoti...@syncrontech.com wrote:
 Ok, this leak can be avoided by updating rapidly changing components with 
 jQuery
 before upgrading to Wicket 6,

 -Heikki

 -Original Message-
 From: Heikki Uotinen [mailto:heikki.uoti...@syncrontech.com]
 Sent: 3. huhtikuuta 2012 16:17
 To: users@wicket.apache.org
 Subject: IE9 Memory leak when updating component with Ajax (Wicket 1.5.5)

 Hi,

 it seems that IE9 leaks memory heavily when updating components with Ajax in 
 IE9 document mode.

 There is no leak after setting document to IE8 mode

 meta http-equiv=X-UA-Compatible content=IE=8/

 Any ideas to resolve this without forcing IE8 mode ?

 There have been past issues, but found no current issue related to this, 
 quick start code is very simple, Opera, Firefox, Chrome work fine.


            public HomePage(final PageParameters parameters)
            {
                         Label testDiv = new Label(testDiv, new 
 PropertyModel(this, data));
                         testDiv.setOutputMarkupId(true);
                         add(testDiv);

                         AjaxSelfUpdatingTimerBehavior timer = new 
 AjaxSelfUpdatingTimerBehavior(Duration.milliseconds(200));
                         testDiv.add(timer);
            }

            public String getData()
            {
                         Date now = new Date();
                         return now.toString();
            }

            html
            head
            !-- No leak if this is set
                        meta http-equiv=X-UA-Compatible content=IE=8/
            --
            /head
            body
                        div wicket:id=testDiv/div
            /body
            /html

 -Heikki

 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org




-- 
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



Re: Debugging error

2012-04-04 Thread SudeepShakya
I have attached the files.
http://apache-wicket.1842946.n4.nabble.com/file/n4531058/Votes.java
Votes.java 
http://apache-wicket.1842946.n4.nabble.com/file/n4531058/VoteEditForm.java
VoteEditForm.java 
http://apache-wicket.1842946.n4.nabble.com/file/n4531058/VoteCollection.java
VoteCollection.java 
http://apache-wicket.1842946.n4.nabble.com/file/n4531058/VoteCollectionJDBC.java
VoteCollectionJDBC.java/nabblelt;nabble_a
href=quot;VoteDisplayPage.javaquot;VoteDisplayPage.java _a

--
View this message in context: 
http://apache-wicket.1842946.n4.nabble.com/Debugging-error-tp4530892p4531058.html
Sent from the Users forum mailing list archive at Nabble.com.

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



Re: Wicket with ServletContainerInitializer

2012-04-04 Thread Christoph Leiter

Hi,

I'll reply to my own message. :) Martin Grigorov figured out that Jetty 
doesn't install the DefaultServlet in this configuration. Without a 
servlet the WicketFilter cannot work.


There's now new working sample code at
https://issues.apache.org/jira/browse/WICKET-4350


Christoph


Christoph Leiter (2012-04-03 12:55):

Hi,

I'm trying to use ServletContainerInitializer to start my wicket
application. There's already work done to support this in WICKET-4350.
It's not working for me, however. The filter is registered in jetty but
I get a 404 response for every request.

What I've done so far (starting from a quickstart):
1) Add dependency:
org.eclipse.jetty.orbit:org.objectweb.asm:3.1.0.v200803061910
2) Delete web.xml
3) Create file
META-INF/services/javax.servlet.ServletContainerInitializer with the
content com.mycompany.Initializer
4) Add AnnotationConfiguration to the jetty configuration:
bb.setConfigurations(new Configuration[] { new AnnotationConfiguration()
});
5) Add Initializer:

| public class Initializer implements ServletContainerInitializer {
| @Override
| public void onStartup(SetClass? c, ServletContext servletContext)
throws ServletException {
| WicketApplication app = new WicketApplication();
| app.setConfigurationType(RuntimeConfigurationType.DEVELOPMENT);
| WicketFilter wicketFilter = new WicketFilter(app);
| wicketFilter.setFilterPath();
| Dynamic filter = servletContext.addFilter(wicket, wicketFilter);
| filter.addMappingForUrlPatterns(EnumSet.allOf(DispatcherType.class),
true, /*);
| }
| }

That's the relevant part of the jetty debug log for the filter
registration:

| DEBUG - Container - Container
org.eclipse.jetty.servlet.ServletHandler@78334ba0 + wicket as filter
| DEBUG - Container - Container
org.eclipse.jetty.servlet.ServletHandler@78334ba0 + [/*]/[]==31=wicket
as filterMapping
| DEBUG - ServletHandler - filterNameMap={wicket=wicket}
| DEBUG - ServletHandler - pathFilters=[[/*]/[]==31=wicket]
| DEBUG - ServletHandler - servletFilterMap={}
| DEBUG - ServletHandler - servletPathMap=null
| DEBUG - ServletHandler - servletNameMap={}
| DEBUG - AbstractLifeCycle - starting wicket
| DEBUG - WebAppClassLoader - loaded class org.apache.wicket.Initializer
from sun.misc.Launcher$AppClassLoader@7981c4eb
| INFO - Application - [wicket] init: Wicket core library initializer

The log for a request to /:

| DEBUG - Server - REQUEST / on
BlockingHttpConnection@3c7352d1,g=HttpGenerator{s=0,h=-1,b=-1,c=-1},p=HttpParser{s=-5,l=18,c=0},r=1

| DEBUG - ContextHandler - scope null||/ @
o.e.j.w.WebAppContext{/,null},src/main/webapp
| DEBUG - ContextHandler - context=||/ @
o.e.j.w.WebAppContext{/,null},src/main/webapp
| DEBUG - session -
sessionManager=org.eclipse.jetty.server.session.HashSessionManager@efc0830
| DEBUG - session - session=null
| DEBUG - ServletHandler - servlet ||/ - null
| DEBUG - ServletHandler - chain=null
| DEBUG - ServletHandler - Not Found /
| DEBUG - Server - RESPONSE / 404

Environment is Wicket 1.5.5, jetty 8.1.2. I tried with Tomcat 7 as well
but no luck either.

Any help is appreciated


Christoph

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



Wicket session id not up to date due to Tomcat session fixation protection

2012-04-04 Thread Thomas Rohde
Hi!

We are using Wicket 1.4.20 and Tomcat 7.0.21.

After form based authentication (configured in web.xml) we call 
wicketSession.replaceSession() in the constructor of our base page and send a 
redirect to our welcome page. Due to tomcat's session fixation protection the 
session id changes for some times. After rendering the welcome page the session 
id stored in wicket's session store is not equal to the JSESSIONID.

Are we doing anything wrong? Any idea?

Regards,
Thomas

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



RE: Debugging error

2012-04-04 Thread Michal Wegrzyn
Look at VoteEditForm constructor.

Form form = new Form(form,new CompoundPropertyModel(aVote)) {...}

Object aVote is null.

Best regards,
Michal Wegrzyn

 -Original Message-
 From: SudeepShakya [mailto:shakyasud...@live.com]
 Sent: Wednesday, April 04, 2012 8:20
 To: users@wicket.apache.org
 Subject: Re: Debugging error
 
 I have attached the files.
 http://apache-wicket.1842946.n4.nabble.com/file/n4531058/Votes.java
 Votes.java
 http://apache-
 wicket.1842946.n4.nabble.com/file/n4531058/VoteEditForm.java
 VoteEditForm.java
 http://apache-
 wicket.1842946.n4.nabble.com/file/n4531058/VoteCollection.java
 VoteCollection.java
 http://apache-
 wicket.1842946.n4.nabble.com/file/n4531058/VoteCollectionJDBC.java
 VoteCollectionJDBC.java/nabblelt;nabble_a
 href=quot;VoteDisplayPage.javaquot;VoteDisplayPage.java _a
 
 --
 View this message in context: http://apache-
 wicket.1842946.n4.nabble.com/Debugging-error-tp4530892p4531058.html
 Sent from the Users forum mailing list archive at Nabble.com.
 
 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



Re: Wicket session id not up to date due to Tomcat session fixation protection

2012-04-04 Thread Martin Grigorov
Hi Thomas,

Wicket doesn't store anything in its session store.
It always uses the currently active http session to get the id.
See 
org.apache.wicket.protocol.http.AbstractHttpSessionStore#getSessionId(Request,
boolean)

On Wed, Apr 4, 2012 at 9:27 AM, Thomas Rohde t...@ordix.de wrote:
 Hi!

 We are using Wicket 1.4.20 and Tomcat 7.0.21.

 After form based authentication (configured in web.xml) we call 
 wicketSession.replaceSession() in the constructor of our base page and send a 
 redirect to our welcome page. Due to tomcat's session fixation protection the 
 session id changes for some times. After rendering the welcome page the 
 session id stored in wicket's session store is not equal to the JSESSIONID.

 Are we doing anything wrong? Any idea?

 Regards,
 Thomas

 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org




-- 
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



Re: Debugging error

2012-04-04 Thread Martin Grigorov
On Wed, Apr 4, 2012 at 9:37 AM, Michal Wegrzyn michal.wegr...@onior.com wrote:
 Look at VoteEditForm constructor.

 Form form = new Form(form,new CompoundPropertyModel(aVote)) {...}

 Object aVote is null.

It is not null. It is misleading because there is a member field and
constructor parameter with the same name.
CompoundPropertyModel also throws an exception when null is passed so
it is immediately clear.
But the pasted code is hard to read with all these comments and indents...


 Best regards,
 Michal Wegrzyn

 -Original Message-
 From: SudeepShakya [mailto:shakyasud...@live.com]
 Sent: Wednesday, April 04, 2012 8:20
 To: users@wicket.apache.org
 Subject: Re: Debugging error

 I have attached the files.
 http://apache-wicket.1842946.n4.nabble.com/file/n4531058/Votes.java
 Votes.java
 http://apache-
 wicket.1842946.n4.nabble.com/file/n4531058/VoteEditForm.java
 VoteEditForm.java
 http://apache-
 wicket.1842946.n4.nabble.com/file/n4531058/VoteCollection.java
 VoteCollection.java
 http://apache-
 wicket.1842946.n4.nabble.com/file/n4531058/VoteCollectionJDBC.java
 VoteCollectionJDBC.java/nabblelt;nabble_a
 href=quot;VoteDisplayPage.javaquot;VoteDisplayPage.java _a

 --
 View this message in context: http://apache-
 wicket.1842946.n4.nabble.com/Debugging-error-tp4530892p4531058.html
 Sent from the Users forum mailing list archive at Nabble.com.

 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org


 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org




-- 
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



Re: IE redirect error with recent snapshot due to extra './'

2012-04-04 Thread Martin Grigorov
Hi Chris,

Can you attach a quickstart to
https://issues.apache.org/jira/browse/WICKET-4260 ?
Thanks!

On Wed, Apr 4, 2012 at 9:42 AM, Chris Colman
chr...@stepaheadsoftware.comwrote:

 ** **

 After upgrading to the latest Wicket snapshot a few days ago we now
 experience an IE specific problem when we redirect after successful log on:
 

 ** **

 It only happens for me on IE. On FireFox it works perfectly.

 ** **

 I’ve tracked it down to the ‘continue to destination’ that occurs after a
 successful log in on the redirected authentication page.

 ** **

 On FireFox the ‘continue’ attempts to render:

 ** **

 http://acme1.acme.testurl.mydomain.com.au/myAdminPage

 ** **

 but on IE the redirect attempts to render:

 ** **

 http://acme1.acme.testurl.mydomain.com.au/./myAdminPagehttp://acme1.acme.testurl.mydomain.com.au/myAdminPage
 

 ** **

 Note the extra ‘./’ before myAdminPage

 ** **

 There is no page mounted at ./myAdminPage and so we get a Tomcat error.***
 *

 ** **

 Note: this was verified on IE8 but may happen on other IE versions also.**
 **

 ** **

 Yours sincerely,

 ** **

 Chris Colman

  

 Pagebloom Team Leader,

 Step Ahead Software

 

 pagebloom - your business  your website growing together

 ** **

 **Sydney**: (+61 2) 9656 1278 Canberra: (+61 2) 6100 2120
 

 Email: chr...@stepahead.com.au //chr...@stepahead.com.au

 Website:

 http://www.pagebloom.com

 http://develop.stepaheadsoftware.com

  

 ** **




-- 
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com http://jweekend.com/


Re: IE redirect error with recent snapshot due to extra './'

2012-04-04 Thread Martin Grigorov
Also can you tell us the version of Tomcat.

On Wed, Apr 4, 2012 at 9:45 AM, Martin Grigorov mgrigo...@apache.orgwrote:

 Hi Chris,

 Can you attach a quickstart to
 https://issues.apache.org/jira/browse/WICKET-4260 ?
 Thanks!


 On Wed, Apr 4, 2012 at 9:42 AM, Chris Colman chr...@stepaheadsoftware.com
  wrote:

 ** **

 After upgrading to the latest Wicket snapshot a few days ago we now
 experience an IE specific problem when we redirect after successful log on:
 

 ** **

 It only happens for me on IE. On FireFox it works perfectly.

 ** **

 I’ve tracked it down to the ‘continue to destination’ that occurs after a
 successful log in on the redirected authentication page.

 ** **

 On FireFox the ‘continue’ attempts to render:

 ** **

 http://acme1.acme.testurl.mydomain.com.au/myAdminPage

 ** **

 but on IE the redirect attempts to render:

 ** **

 http://acme1.acme.testurl.mydomain.com.au/./myAdminPagehttp://acme1.acme.testurl.mydomain.com.au/myAdminPage
 

 ** **

 Note the extra ‘./’ before myAdminPage

 ** **

 There is no page mounted at ./myAdminPage and so we get a Tomcat error.**
 **

 ** **

 Note: this was verified on IE8 but may happen on other IE versions also.*
 ***

 ** **

 Yours sincerely,

 ** **

 Chris Colman

  

 Pagebloom Team Leader,

 Step Ahead Software

 

 pagebloom - your business  your website growing together

 ** **

 **Sydney**: (+61 2) 9656 1278 Canberra: (+61 2) 6100 2120
  

 Email: chr...@stepahead.com.au //chr...@stepahead.com.au

 Website:

 http://www.pagebloom.com

 http://develop.stepaheadsoftware.com

  

 ** **




 --
 Martin Grigorov
 jWeekend
 Training, Consulting, Development
 http://jWeekend.com http://jweekend.com/




-- 
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com http://jweekend.com/


RE: Debugging error

2012-04-04 Thread Michal Wegrzyn
 -Original Message-
 From: Martin Grigorov [mailto:mgrigo...@apache.org]
 Sent: Wednesday, April 04, 2012 9:41
 To: users@wicket.apache.org
 Subject: Re: Debugging error
 
 On Wed, Apr 4, 2012 at 9:37 AM, Michal Wegrzyn
 michal.wegr...@onior.com wrote:
  Look at VoteEditForm constructor.
 
  Form form = new Form(form,new CompoundPropertyModel(aVote)) {...}
 
  Object aVote is null.
 
 It is not null. It is misleading because there is a member field and
 constructor parameter with the same name.

I think that you are saying... about commented code ;-)

 CompoundPropertyModel also throws an exception when null is passed so
 it is immediately clear.

Is it? It seems like CompoundPropertyModel sets only its object field.

 But the pasted code is hard to read with all these comments and
 indents...
 
 
  Best regards,
  Michal Wegrzyn
 
  -Original Message-
  From: SudeepShakya [mailto:shakyasud...@live.com]
  Sent: Wednesday, April 04, 2012 8:20
  To: users@wicket.apache.org
  Subject: Re: Debugging error
 
  I have attached the files.
  http://apache-wicket.1842946.n4.nabble.com/file/n4531058/Votes.java
  Votes.java
  http://apache-
  wicket.1842946.n4.nabble.com/file/n4531058/VoteEditForm.java
  VoteEditForm.java
  http://apache-
  wicket.1842946.n4.nabble.com/file/n4531058/VoteCollection.java
  VoteCollection.java
  http://apache-
  wicket.1842946.n4.nabble.com/file/n4531058/VoteCollectionJDBC.java
  VoteCollectionJDBC.java/nabblelt;nabble_a
  href=quot;VoteDisplayPage.javaquot;VoteDisplayPage.java _a
 
  --
  View this message in context: http://apache-
  wicket.1842946.n4.nabble.com/Debugging-error-tp4530892p4531058.html
  Sent from the Users forum mailing list archive at Nabble.com.
 
  
 -
  To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
  For additional commands, e-mail: users-h...@wicket.apache.org
 
 
  -
  To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
  For additional commands, e-mail: users-h...@wicket.apache.org
 
 
 
 
 --
 Martin Grigorov
 jWeekend
 Training, Consulting, Development
 http://jWeekend.com
 
 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org



Re: Debugging error

2012-04-04 Thread Martin Grigorov
On Wed, Apr 4, 2012 at 9:53 AM, Michal Wegrzyn michal.wegr...@onior.com wrote:
 -Original Message-
 From: Martin Grigorov [mailto:mgrigo...@apache.org]
 Sent: Wednesday, April 04, 2012 9:41
 To: users@wicket.apache.org
 Subject: Re: Debugging error

 On Wed, Apr 4, 2012 at 9:37 AM, Michal Wegrzyn
 michal.wegr...@onior.com wrote:
  Look at VoteEditForm constructor.
 
  Form form = new Form(form,new CompoundPropertyModel(aVote)) {...}
 
  Object aVote is null.

 It is not null. It is misleading because there is a member field and
 constructor parameter with the same name.

 I think that you are saying... about commented code ;-)

Right. I give up reading this code :-)


 CompoundPropertyModel also throws an exception when null is passed so
 it is immediately clear.

 Is it? It seems like CompoundPropertyModel sets only its object field.

Correct!
The check is only in 6.x...
Now is the time someone to tell me whether I broke it in 6.x or
improve it. I think it is an improvement.


 But the pasted code is hard to read with all these comments and
 indents...

 
  Best regards,
  Michal Wegrzyn
 
  -Original Message-
  From: SudeepShakya [mailto:shakyasud...@live.com]
  Sent: Wednesday, April 04, 2012 8:20
  To: users@wicket.apache.org
  Subject: Re: Debugging error
 
  I have attached the files.
  http://apache-wicket.1842946.n4.nabble.com/file/n4531058/Votes.java
  Votes.java
  http://apache-
  wicket.1842946.n4.nabble.com/file/n4531058/VoteEditForm.java
  VoteEditForm.java
  http://apache-
  wicket.1842946.n4.nabble.com/file/n4531058/VoteCollection.java
  VoteCollection.java
  http://apache-
  wicket.1842946.n4.nabble.com/file/n4531058/VoteCollectionJDBC.java
  VoteCollectionJDBC.java/nabblelt;nabble_a
  href=quot;VoteDisplayPage.javaquot;VoteDisplayPage.java _a
 
  --
  View this message in context: http://apache-
  wicket.1842946.n4.nabble.com/Debugging-error-tp4530892p4531058.html
  Sent from the Users forum mailing list archive at Nabble.com.
 
  
 -
  To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
  For additional commands, e-mail: users-h...@wicket.apache.org
 
 
  -
  To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
  For additional commands, e-mail: users-h...@wicket.apache.org
 



 --
 Martin Grigorov
 jWeekend
 Training, Consulting, Development
 http://jWeekend.com

 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org




-- 
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



RE: IE redirect error with recent snapshot due to extra './'

2012-04-04 Thread Chris Colman
Tomcat 6.0.20

-Original Message-
From: Martin Grigorov [mailto:mgrigo...@apache.org]
Sent: Wednesday, 4 April 2012 5:48 PM
To: users@wicket.apache.org
Subject: Re: IE redirect error with recent snapshot due to extra './'

Also can you tell us the version of Tomcat.

On Wed, Apr 4, 2012 at 9:45 AM, Martin Grigorov
mgrigo...@apache.orgwrote:

 Hi Chris,

 Can you attach a quickstart to
 https://issues.apache.org/jira/browse/WICKET-4260 ?
 Thanks!


 On Wed, Apr 4, 2012 at 9:42 AM, Chris Colman
chr...@stepaheadsoftware.com
  wrote:

 ** **

 After upgrading to the latest Wicket snapshot a few days ago we now
 experience an IE specific problem when we redirect after successful
log
on:
 

 ** **

 It only happens for me on IE. On FireFox it works perfectly.

 ** **

 I've tracked it down to the 'continue to destination' that occurs
after
a
 successful log in on the redirected authentication page.

 ** **

 On FireFox the 'continue' attempts to render:

 ** **

 http://acme1.acme.testurl.mydomain.com.au/myAdminPage

 ** **

 but on IE the redirect attempts to render:

 ** **


http://acme1.acme.testurl.mydomain.com.au/./myAdminPagehttp://acme1.ac
me.t
esturl.mydomain.com.au/myAdminPage
 

 ** **

 Note the extra './' before myAdminPage

 ** **

 There is no page mounted at ./myAdminPage and so we get a Tomcat
error.**
 **

 ** **

 Note: this was verified on IE8 but may happen on other IE versions
also.*
 ***

 ** **

 Yours sincerely,

 ** **

 Chris Colman

  

 Pagebloom Team Leader,

 Step Ahead Software

 

 pagebloom - your business  your website growing together

 ** **

 **Sydney**: (+61 2) 9656 1278 Canberra: (+61 2) 6100
2120
  

 Email: chr...@stepahead.com.au //chr...@stepahead.com.au

 Website:

 http://www.pagebloom.com

 http://develop.stepaheadsoftware.com

  

 ** **




 --
 Martin Grigorov
 jWeekend
 Training, Consulting, Development
 http://jWeekend.com http://jweekend.com/




--
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com http://jweekend.com/

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



AW: Wicket session id not up to date due to Tomcat session fixation protection

2012-04-04 Thread Thomas Rohde
Hi Martin,

but the AbstractHttpSesionStore has a SessionBindingListener which stores the 
session id and the Session class has an id member variable.

The getId() implementation of the Session class uses the following logic:

if (id == null)
  id = getSessionStore().getSessionId(RequestCycle.get().getRequest(), false);

After our login procedure Session.getId() is never equal to httpSession.getId()

Thomas

-Ursprüngliche Nachricht-
Von:Martin Grigorov mgrigo...@apache.org
Gesendet:   Mi 04.04.2012 09:39
Betreff:Re: Wicket session id not up to date due to Tomcat session 
fixation protection
An: users@wicket.apache.org; 
 Hi Thomas,
 
 Wicket doesn't store anything in its session store.
 It always uses the currently active http session to get the id.
 See 
 org.apache.wicket.protocol.http.AbstractHttpSessionStore#getSessionId(Request,
 boolean)
 
 On Wed, Apr 4, 2012 at 9:27 AM, Thomas Rohde t...@ordix.de wrote:
  Hi!
 
  We are using Wicket 1.4.20 and Tomcat 7.0.21.
 
  After form based authentication (configured in web.xml) we call 
 wicketSession.replaceSession() in the constructor of our base page and send a 
 redirect to our welcome page. Due to tomcat's session fixation protection the 
 session id changes for some times. After rendering the welcome page the 
 session 
 id stored in wicket's session store is not equal to the JSESSIONID.
 
  Are we doing anything wrong? Any idea?
 
  Regards,
  Thomas
 
  -
  To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
  For additional commands, e-mail: users-h...@wicket.apache.org
 
 
 
 
 -- 
 Martin Grigorov
 jWeekend
 Training, Consulting, Development
 http://jWeekend.com
 
 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org
 


-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



Re: wicketstuff.org - down

2012-04-04 Thread Martijn Dashorst
I've updated the wicketstuff.org repo with a CNAME file, and updated
the DNS records. Should start working in a couple of hours.

Martijn

On Tue, Apr 3, 2012 at 11:34 PM, Igor Vaynberg igor.vaynb...@gmail.com wrote:
 redirect on the registrar...

 -igor

 On Tue, Apr 3, 2012 at 2:26 PM, Martin Grigorov mgrigo...@apache.org wrote:
 If the site is down then how the redirect would work ? :-)
 Read the content of the page. There is a link to the examples

 On Tue, Apr 3, 2012 at 11:23 PM, Brown, Berlin [GCG-PFS]
 berlin.br...@primerica.com wrote:
 Could someone add a redirect to the wicketstuff github site.  And I 
 assuming that github doesn’t host java web applications, so the java web 
 apps are somewhere else?

 -Original Message-
 From: Martin Grigorov [mailto:mgrigo...@apache.org]
 Sent: Tuesday, April 03, 2012 5:16 PM
 To: users@wicket.apache.org
 Subject: Re: wicketstuff.org - down

 http://wicketstuff.github.com/

 On Tue, Apr 3, 2012 at 11:14 PM, Jeffrey Schneller 
 jeffrey.schnel...@envisa.com wrote:
 Wicketstuff.org appears to be down.  Any ideas on when it will be back up?





 --
 Martin Grigorov
 jWeekend
 Training, Consulting, Development
 http://jWeekend.com

 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org





 --
 Martin Grigorov
 jWeekend
 Training, Consulting, Development
 http://jWeekend.com

 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org


 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org




-- 
Become a Wicket expert, learn from the best: http://wicketinaction.com

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



Re: Wicket session id not up to date due to Tomcat session fixation protection

2012-04-04 Thread Martin Grigorov
Hi Thomas,

On Wed, Apr 4, 2012 at 10:18 AM, Thomas Rohde t...@ordix.de wrote:
 Hi Martin,

 but the AbstractHttpSesionStore has a SessionBindingListener which stores the 
 session id and the Session class has an id member variable.

This is improved in 6.x and the session is taken from the passed
event. I can backport it to 1.5.x too.


 The getId() implementation of the Session class uses the following logic:

 if (id == null)
  id = getSessionStore().getSessionId(RequestCycle.get().getRequest(), false);

 After our login procedure Session.getId() is never equal to 
 httpSession.getId()

This deserves a ticket - the 'id' member should be reset to 'null' in
#replaceSession().

Please file a ticket.


 Thomas

 -Ursprüngliche Nachricht-
 Von:    Martin Grigorov mgrigo...@apache.org
 Gesendet:       Mi 04.04.2012 09:39
 Betreff:        Re: Wicket session id not up to date due to Tomcat session 
 fixation protection
 An:     users@wicket.apache.org;
 Hi Thomas,

 Wicket doesn't store anything in its session store.
 It always uses the currently active http session to get the id.
 See
 org.apache.wicket.protocol.http.AbstractHttpSessionStore#getSessionId(Request,
 boolean)

 On Wed, Apr 4, 2012 at 9:27 AM, Thomas Rohde t...@ordix.de wrote:
  Hi!
 
  We are using Wicket 1.4.20 and Tomcat 7.0.21.
 
  After form based authentication (configured in web.xml) we call
 wicketSession.replaceSession() in the constructor of our base page and send a
 redirect to our welcome page. Due to tomcat's session fixation protection the
 session id changes for some times. After rendering the welcome page the 
 session
 id stored in wicket's session store is not equal to the JSESSIONID.
 
  Are we doing anything wrong? Any idea?
 
  Regards,
  Thomas
 
  -
  To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
  For additional commands, e-mail: users-h...@wicket.apache.org
 



 --
 Martin Grigorov
 jWeekend
 Training, Consulting, Development
 http://jWeekend.com

 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org



 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org




-- 
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



Re: Debugging error

2012-04-04 Thread SudeepShakya
Hello guys don't fight each other.
What's the conclusion ??

I am using wicket 1.5.3

--
View this message in context: 
http://apache-wicket.1842946.n4.nabble.com/Debugging-error-tp4530892p4531245.html
Sent from the Users forum mailing list archive at Nabble.com.

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



RE: Debugging error

2012-04-04 Thread Michal Wegrzyn
We did not fight each other... We fought with your code!

Best regards,
Michal Wegrzyn

 -Original Message-
 From: SudeepShakya [mailto:shakyasud...@live.com]
 Sent: Wednesday, April 04, 2012 10:35
 To: users@wicket.apache.org
 Subject: Re: Debugging error
 
 Hello guys don't fight each other.
 What's the conclusion ??
 
 I am using wicket 1.5.3
 
 --
 View this message in context: http://apache-
 wicket.1842946.n4.nabble.com/Debugging-error-tp4530892p4531245.html
 Sent from the Users forum mailing list archive at Nabble.com.
 
 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



RE: Debugging error

2012-04-04 Thread SudeepShakya
 Ok, very well. U said that there is null in the constructor, what's that, I
don't understand.

--
View this message in context: 
http://apache-wicket.1842946.n4.nabble.com/Debugging-error-tp4530892p4531271.html
Sent from the Users forum mailing list archive at Nabble.com.

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



AW: Wicket session id not up to date due to Tomcat session fixation protection

2012-04-04 Thread Thomas Rohde
Hi Martin,

see inline.

Thanks!
Thomas

-Ursprüngliche Nachricht-
Von:Martin Grigorov mgrigo...@apache.org
Gesendet:   Mi 04.04.2012 10:26
Betreff:Re: Wicket session id not up to date due to Tomcat session 
fixation protection
An: users@wicket.apache.org; 
 Hi Thomas,
 
 On Wed, Apr 4, 2012 at 10:18 AM, Thomas Rohde t...@ordix.de wrote:
  Hi Martin,
 
  but the AbstractHttpSesionStore has a SessionBindingListener which stores 
  the 
 session id and the Session class has an id member variable.
 
 This is improved in 6.x and the session is taken from the passed
 event. I can backport it to 1.5.x too.

Please take a look at this. I put some log statements in the session class. For 
me the lookup method looks weird. Take a look at the following code:

public Session lookup(Request request) {
   String sessionId = getSessionId(request, false);
   LOG.debug(AbstractHttpSessionStore#lookup() [sessionId={}], sessionId);
   if (sessionId != null) {
  WebRequest webRequest = toWebRequest(request);
  Session session = (Session)getAttribute(webRequest, 
Session.SESSION_ATTRIBUTE_NAME);
  LOG.debug(AbstractHttpSessionStore#lookup() [getAttribute()={}] 
[session={}],
 (null != session) ? session.getId() : null, session);
  return session;
   }
   return null;
}

The first log output produces
AbstractHttpSessionStore#lookup() [sessionId=A8F69FB8C2119439FC90CFD647115D51]

The second produces the following
AbstractHttpSessionStore#lookup() 
[getAttribute()=9F4CECDC89947EFEF5B7646F6600A8B8] 
[session=de.postbank.ucp.application.face.session.FaceWebSession@3cf08d9e]

The getAttribute resolves the session object but the session id within the 
session object is not the same as the session id from getSessionId(request, 
false) which is the one of the httpSession object from the underlying web 
container. Can you explain this to me?

 
 
  The getId() implementation of the Session class uses the following logic:
 
  if (id == null)
   id = getSessionStore().getSessionId(RequestCycle.get().getRequest(), 
  false);
 
  After our login procedure Session.getId() is never equal to 
 httpSession.getId()
 
 This deserves a ticket - the 'id' member should be reset to 'null' in
 #replaceSession().

I tested it via reflection, but did not solve the problem.

 
 Please file a ticket.
 
 
  Thomas
 
  -Ursprüngliche Nachricht-
  Von:    Martin Grigorov mgrigo...@apache.org
  Gesendet:       Mi 04.04.2012 09:39
  Betreff:        Re: Wicket session id not up to date due to Tomcat session 
 fixation protection
  An:     users@wicket.apache.org;
  Hi Thomas,
 
  Wicket doesn't store anything in its session store.
  It always uses the currently active http session to get the id.
  See
  
 org.apache.wicket.protocol.http.AbstractHttpSessionStore#getSessionId(Request,
  boolean)
 
  On Wed, Apr 4, 2012 at 9:27 AM, Thomas Rohde t...@ordix.de wrote:
   Hi!
  
   We are using Wicket 1.4.20 and Tomcat 7.0.21.
  
   After form based authentication (configured in web.xml) we call
  wicketSession.replaceSession() in the constructor of our base page and 
  send a
  redirect to our welcome page. Due to tomcat's session fixation protection 
  the
  session id changes for some times. After rendering the welcome page the 
 session
  id stored in wicket's session store is not equal to the JSESSIONID.
  
   Are we doing anything wrong? Any idea?
  
   Regards,
   Thomas
  
   -
   To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
   For additional commands, e-mail: users-h...@wicket.apache.org
  
 
 
 
  --
  Martin Grigorov
  jWeekend
  Training, Consulting, Development
  http://jWeekend.com
 
  -
  To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
  For additional commands, e-mail: users-h...@wicket.apache.org
 
 
 
  -
  To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
  For additional commands, e-mail: users-h...@wicket.apache.org
 
 
 
 
 -- 
 Martin Grigorov
 jWeekend
 Training, Consulting, Development
 http://jWeekend.com
 
 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org
 


-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



Re: Wicket session id not up to date due to Tomcat session fixation protection

2012-04-04 Thread Martin Grigorov
Hi Thomas,

Temporarily until there is a fix you can override #replaceSession() to
look like:
super.replaceSession();
Field idField = getField(id);
idField.setAccessible(true);
idField.set(this, null);

I.e. null-ify the cached session id in Session.


On Wed, Apr 4, 2012 at 10:57 AM, Thomas Rohde t...@ordix.de wrote:
 Hi Martin,

 see inline.

 Thanks!
 Thomas

 -Ursprüngliche Nachricht-
 Von:    Martin Grigorov mgrigo...@apache.org
 Gesendet:       Mi 04.04.2012 10:26
 Betreff:        Re: Wicket session id not up to date due to Tomcat session 
 fixation protection
 An:     users@wicket.apache.org;
 Hi Thomas,

 On Wed, Apr 4, 2012 at 10:18 AM, Thomas Rohde t...@ordix.de wrote:
  Hi Martin,
 
  but the AbstractHttpSesionStore has a SessionBindingListener which stores 
  the
 session id and the Session class has an id member variable.

 This is improved in 6.x and the session is taken from the passed
 event. I can backport it to 1.5.x too.

 Please take a look at this. I put some log statements in the session class. 
 For me the lookup method looks weird. Take a look at the following code:

 public Session lookup(Request request) {
   String sessionId = getSessionId(request, false);
   LOG.debug(AbstractHttpSessionStore#lookup() [sessionId={}], sessionId);
   if (sessionId != null) {
      WebRequest webRequest = toWebRequest(request);
      Session session = (Session)getAttribute(webRequest, 
 Session.SESSION_ATTRIBUTE_NAME);
      LOG.debug(AbstractHttpSessionStore#lookup() [getAttribute()={}] 
 [session={}],
         (null != session) ? session.getId() : null, session);
      return session;
   }
   return null;
 }

 The first log output produces
 AbstractHttpSessionStore#lookup() [sessionId=A8F69FB8C2119439FC90CFD647115D51]

 The second produces the following
 AbstractHttpSessionStore#lookup() 
 [getAttribute()=9F4CECDC89947EFEF5B7646F6600A8B8] 
 [session=de.postbank.ucp.application.face.session.FaceWebSession@3cf08d9e]

 The getAttribute resolves the session object but the session id within the 
 session object is not the same as the session id from getSessionId(request, 
 false) which is the one of the httpSession object from the underlying web 
 container. Can you explain this to me?


 
  The getId() implementation of the Session class uses the following logic:
 
  if (id == null)
   id = getSessionStore().getSessionId(RequestCycle.get().getRequest(), 
  false);
 
  After our login procedure Session.getId() is never equal to
 httpSession.getId()

 This deserves a ticket - the 'id' member should be reset to 'null' in
 #replaceSession().

 I tested it via reflection, but did not solve the problem.


 Please file a ticket.

 
  Thomas
 
  -Ursprüngliche Nachricht-
  Von:    Martin Grigorov mgrigo...@apache.org
  Gesendet:       Mi 04.04.2012 09:39
  Betreff:        Re: Wicket session id not up to date due to Tomcat session
 fixation protection
  An:     users@wicket.apache.org;
  Hi Thomas,
 
  Wicket doesn't store anything in its session store.
  It always uses the currently active http session to get the id.
  See
 
 org.apache.wicket.protocol.http.AbstractHttpSessionStore#getSessionId(Request,
  boolean)
 
  On Wed, Apr 4, 2012 at 9:27 AM, Thomas Rohde t...@ordix.de wrote:
   Hi!
  
   We are using Wicket 1.4.20 and Tomcat 7.0.21.
  
   After form based authentication (configured in web.xml) we call
  wicketSession.replaceSession() in the constructor of our base page and 
  send a
  redirect to our welcome page. Due to tomcat's session fixation protection 
  the
  session id changes for some times. After rendering the welcome page the
 session
  id stored in wicket's session store is not equal to the JSESSIONID.
  
   Are we doing anything wrong? Any idea?
  
   Regards,
   Thomas
  
   -
   To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
   For additional commands, e-mail: users-h...@wicket.apache.org
  
 
 
 
  --
  Martin Grigorov
  jWeekend
  Training, Consulting, Development
  http://jWeekend.com
 
  -
  To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
  For additional commands, e-mail: users-h...@wicket.apache.org
 
 
 
  -
  To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
  For additional commands, e-mail: users-h...@wicket.apache.org
 



 --
 Martin Grigorov
 jWeekend
 Training, Consulting, Development
 http://jWeekend.com

 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org



 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org




-- 
Martin Grigorov

AW: Wicket session id not up to date due to Tomcat session fixation protection

2012-04-04 Thread Thomas Rohde
Hi Martin,

I already did that (I wrote above). But the problem still exists. I cannot see 
from where wicket gets the old and wrong session id.

Thomas

-Ursprüngliche Nachricht-
Von:Martin Grigorov mgrigo...@apache.org
Gesendet:   Mi 04.04.2012 11:10
Betreff:Re: Wicket session id not up to date due to Tomcat session 
fixation protection
An: users@wicket.apache.org; 
 Hi Thomas,
 
 Temporarily until there is a fix you can override #replaceSession() to
 look like:
 super.replaceSession();
 Field idField = getField(id);
 idField.setAccessible(true);
 idField.set(this, null);
 
 I.e. null-ify the cached session id in Session.
 
 
 On Wed, Apr 4, 2012 at 10:57 AM, Thomas Rohde t...@ordix.de wrote:
  Hi Martin,
 
  see inline.
 
  Thanks!
  Thomas
 
  -Ursprüngliche Nachricht-
  Von:    Martin Grigorov mgrigo...@apache.org
  Gesendet:       Mi 04.04.2012 10:26
  Betreff:        Re: Wicket session id not up to date due to Tomcat session 
 fixation protection
  An:     users@wicket.apache.org;
  Hi Thomas,
 
  On Wed, Apr 4, 2012 at 10:18 AM, Thomas Rohde t...@ordix.de wrote:
   Hi Martin,
  
   but the AbstractHttpSesionStore has a SessionBindingListener which 
   stores 
 the
  session id and the Session class has an id member variable.
 
  This is improved in 6.x and the session is taken from the passed
  event. I can backport it to 1.5.x too.
 
  Please take a look at this. I put some log statements in the session class. 
 For me the lookup method looks weird. Take a look at the following code:
 
  public Session lookup(Request request) {
    String sessionId = getSessionId(request, false);
    LOG.debug(AbstractHttpSessionStore#lookup() [sessionId={}], sessionId);
    if (sessionId != null) {
       WebRequest webRequest = toWebRequest(request);
       Session session = (Session)getAttribute(webRequest, 
 Session.SESSION_ATTRIBUTE_NAME);
       LOG.debug(AbstractHttpSessionStore#lookup() [getAttribute()={}] 
 [session={}],
          (null != session) ? session.getId() : null, session);
       return session;
    }
    return null;
  }
 
  The first log output produces
  AbstractHttpSessionStore#lookup() 
  [sessionId=A8F69FB8C2119439FC90CFD647115D51]
 
  The second produces the following
  AbstractHttpSessionStore#lookup() 
 [getAttribute()=9F4CECDC89947EFEF5B7646F6600A8B8] 
 [session=de.postbank.ucp.application.face.session.FaceWebSession@3cf08d9e]
 
  The getAttribute resolves the session object but the session id within the 
 session object is not the same as the session id from getSessionId(request, 
 false) which is the one of the httpSession object from the underlying web 
 container. Can you explain this to me?
 
 
  
   The getId() implementation of the Session class uses the following logic:
  
   if (id == null)
    id = getSessionStore().getSessionId(RequestCycle.get().getRequest(), 
 false);
  
   After our login procedure Session.getId() is never equal to
  httpSession.getId()
 
  This deserves a ticket - the 'id' member should be reset to 'null' in
  #replaceSession().
 
  I tested it via reflection, but did not solve the problem.
 
 
  Please file a ticket.
 
  
   Thomas
  
   -Ursprüngliche Nachricht-
   Von:    Martin Grigorov mgrigo...@apache.org
   Gesendet:       Mi 04.04.2012 09:39
   Betreff:        Re: Wicket session id not up to date due to Tomcat 
   session
  fixation protection
   An:     users@wicket.apache.org;
   Hi Thomas,
  
   Wicket doesn't store anything in its session store.
   It always uses the currently active http session to get the id.
   See
  
  
 org.apache.wicket.protocol.http.AbstractHttpSessionStore#getSessionId(Request,
   boolean)
  
   On Wed, Apr 4, 2012 at 9:27 AM, Thomas Rohde t...@ordix.de wrote:
Hi!
   
We are using Wicket 1.4.20 and Tomcat 7.0.21.
   
After form based authentication (configured in web.xml) we call
   wicketSession.replaceSession() in the constructor of our base page and 
 send a
   redirect to our welcome page. Due to tomcat's session fixation 
   protection 
 the
   session id changes for some times. After rendering the welcome page the
  session
   id stored in wicket's session store is not equal to the JSESSIONID.
   
Are we doing anything wrong? Any idea?
   
Regards,
Thomas
   
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
   
  
  
  
   --
   Martin Grigorov
   jWeekend
   Training, Consulting, Development
   http://jWeekend.com
  
   -
   To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
   For additional commands, e-mail: users-h...@wicket.apache.org
  
  
  
   -
   To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
   For additional commands, 

Re: Wicket session id not up to date due to Tomcat session fixation protection

2012-04-04 Thread Martin Grigorov
Sorry.
I didn't understand you.

A quickstart will make it easier for me to help you.

On Wed, Apr 4, 2012 at 11:39 AM, Thomas Rohde t...@ordix.de wrote:
 Hi Martin,

 I already did that (I wrote above). But the problem still exists. I cannot 
 see from where wicket gets the old and wrong session id.

 Thomas

 -Ursprüngliche Nachricht-
 Von:    Martin Grigorov mgrigo...@apache.org
 Gesendet:       Mi 04.04.2012 11:10
 Betreff:        Re: Wicket session id not up to date due to Tomcat session 
 fixation protection
 An:     users@wicket.apache.org;
 Hi Thomas,

 Temporarily until there is a fix you can override #replaceSession() to
 look like:
 super.replaceSession();
 Field idField = getField(id);
 idField.setAccessible(true);
 idField.set(this, null);

 I.e. null-ify the cached session id in Session.


 On Wed, Apr 4, 2012 at 10:57 AM, Thomas Rohde t...@ordix.de wrote:
  Hi Martin,
 
  see inline.
 
  Thanks!
  Thomas
 
  -Ursprüngliche Nachricht-
  Von:    Martin Grigorov mgrigo...@apache.org
  Gesendet:       Mi 04.04.2012 10:26
  Betreff:        Re: Wicket session id not up to date due to Tomcat session
 fixation protection
  An:     users@wicket.apache.org;
  Hi Thomas,
 
  On Wed, Apr 4, 2012 at 10:18 AM, Thomas Rohde t...@ordix.de wrote:
   Hi Martin,
  
   but the AbstractHttpSesionStore has a SessionBindingListener which 
   stores
 the
  session id and the Session class has an id member variable.
 
  This is improved in 6.x and the session is taken from the passed
  event. I can backport it to 1.5.x too.
 
  Please take a look at this. I put some log statements in the session class.
 For me the lookup method looks weird. Take a look at the following code:
 
  public Session lookup(Request request) {
    String sessionId = getSessionId(request, false);
    LOG.debug(AbstractHttpSessionStore#lookup() [sessionId={}], sessionId);
    if (sessionId != null) {
       WebRequest webRequest = toWebRequest(request);
       Session session = (Session)getAttribute(webRequest,
 Session.SESSION_ATTRIBUTE_NAME);
       LOG.debug(AbstractHttpSessionStore#lookup() [getAttribute()={}]
 [session={}],
          (null != session) ? session.getId() : null, session);
       return session;
    }
    return null;
  }
 
  The first log output produces
  AbstractHttpSessionStore#lookup() 
  [sessionId=A8F69FB8C2119439FC90CFD647115D51]
 
  The second produces the following
  AbstractHttpSessionStore#lookup()
 [getAttribute()=9F4CECDC89947EFEF5B7646F6600A8B8]
 [session=de.postbank.ucp.application.face.session.FaceWebSession@3cf08d9e]
 
  The getAttribute resolves the session object but the session id within the
 session object is not the same as the session id from getSessionId(request,
 false) which is the one of the httpSession object from the underlying web
 container. Can you explain this to me?
 
 
  
   The getId() implementation of the Session class uses the following 
   logic:
  
   if (id == null)
    id = getSessionStore().getSessionId(RequestCycle.get().getRequest(),
 false);
  
   After our login procedure Session.getId() is never equal to
  httpSession.getId()
 
  This deserves a ticket - the 'id' member should be reset to 'null' in
  #replaceSession().
 
  I tested it via reflection, but did not solve the problem.
 
 
  Please file a ticket.
 
  
   Thomas
  
   -Ursprüngliche Nachricht-
   Von:    Martin Grigorov mgrigo...@apache.org
   Gesendet:       Mi 04.04.2012 09:39
   Betreff:        Re: Wicket session id not up to date due to Tomcat 
   session
  fixation protection
   An:     users@wicket.apache.org;
   Hi Thomas,
  
   Wicket doesn't store anything in its session store.
   It always uses the currently active http session to get the id.
   See
  
 
 org.apache.wicket.protocol.http.AbstractHttpSessionStore#getSessionId(Request,
   boolean)
  
   On Wed, Apr 4, 2012 at 9:27 AM, Thomas Rohde t...@ordix.de wrote:
Hi!
   
We are using Wicket 1.4.20 and Tomcat 7.0.21.
   
After form based authentication (configured in web.xml) we call
   wicketSession.replaceSession() in the constructor of our base page and
 send a
   redirect to our welcome page. Due to tomcat's session fixation 
   protection
 the
   session id changes for some times. After rendering the welcome page the
  session
   id stored in wicket's session store is not equal to the JSESSIONID.
   
Are we doing anything wrong? Any idea?
   
Regards,
Thomas
   
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
   
  
  
  
   --
   Martin Grigorov
   jWeekend
   Training, Consulting, Development
   http://jWeekend.com
  
   -
   To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
   For additional commands, e-mail: users-h...@wicket.apache.org
  
  
  
   

AW: Wicket session id not up to date due to Tomcat session fixation protection

2012-04-04 Thread Thomas Rohde
Okay a better attempt:

I tried your suggestion to overwrite the replaceSession method of the Session 
class. It didn't work.

But now I modified the lookup method of the AbstractHttpSessionStore like the 
following:

public Session lookup(Request request) {
   String sessionId = getSessionId(request, false);
   LOG.debug(AbstractHttpSessionStore#lookup() [sessionId={}], sessionId);
   if (sessionId != null) {
  WebRequest webRequest = toWebRequest(request);
  Session session = (Session)getAttribute(webRequest, 
Session.SESSION_ATTRIBUTE_NAME);
  
  // it cannot be okay if the session id's are not equal!!!
  if (null != session  !sessionId.equals(session.getId())) {
 try {
Field f = Session.class.getDeclaredField(id);
f.setAccessible(true);
f.set(session, null); // it will be resolved later from the 
httpSession
 } catch (Exception e) {
throw new IllegalStateException(e);
 }
  }
  return session;
   }
   return null;
}

That seems to work. Is it a valid solution?

Thomas

-Ursprüngliche Nachricht-
Von:Martin Grigorov mgrigo...@apache.org
Gesendet:   Mi 04.04.2012 11:43
Betreff:Re: Wicket session id not up to date due to Tomcat session 
fixation protection
An: users@wicket.apache.org; 
 Sorry.
 I didn't understand you.
 
 A quickstart will make it easier for me to help you.
 
 On Wed, Apr 4, 2012 at 11:39 AM, Thomas Rohde t...@ordix.de wrote:
  Hi Martin,
 
  I already did that (I wrote above). But the problem still exists. I cannot 
 see from where wicket gets the old and wrong session id.
 
  Thomas
 
  -Ursprüngliche Nachricht-
  Von:    Martin Grigorov mgrigo...@apache.org
  Gesendet:       Mi 04.04.2012 11:10
  Betreff:        Re: Wicket session id not up to date due to Tomcat session 
 fixation protection
  An:     users@wicket.apache.org;
  Hi Thomas,
 
  Temporarily until there is a fix you can override #replaceSession() to
  look like:
  super.replaceSession();
  Field idField = getField(id);
  idField.setAccessible(true);
  idField.set(this, null);
 
  I.e. null-ify the cached session id in Session.
 
 
  On Wed, Apr 4, 2012 at 10:57 AM, Thomas Rohde t...@ordix.de wrote:
   Hi Martin,
  
   see inline.
  
   Thanks!
   Thomas
  
   -Ursprüngliche Nachricht-
   Von:    Martin Grigorov mgrigo...@apache.org
   Gesendet:       Mi 04.04.2012 10:26
   Betreff:        Re: Wicket session id not up to date due to Tomcat 
   session
  fixation protection
   An:     users@wicket.apache.org;
   Hi Thomas,
  
   On Wed, Apr 4, 2012 at 10:18 AM, Thomas Rohde t...@ordix.de wrote:
Hi Martin,
   
but the AbstractHttpSesionStore has a SessionBindingListener which 
 stores
  the
   session id and the Session class has an id member variable.
  
   This is improved in 6.x and the session is taken from the passed
   event. I can backport it to 1.5.x too.
  
   Please take a look at this. I put some log statements in the session 
   class.
  For me the lookup method looks weird. Take a look at the following code:
  
   public Session lookup(Request request) {
     String sessionId = getSessionId(request, false);
     LOG.debug(AbstractHttpSessionStore#lookup() [sessionId={}], 
   sessionId);
     if (sessionId != null) {
        WebRequest webRequest = toWebRequest(request);
        Session session = (Session)getAttribute(webRequest,
  Session.SESSION_ATTRIBUTE_NAME);
        LOG.debug(AbstractHttpSessionStore#lookup() [getAttribute()={}]
  [session={}],
           (null != session) ? session.getId() : null, session);
        return session;
     }
     return null;
   }
  
   The first log output produces
   AbstractHttpSessionStore#lookup() 
 [sessionId=A8F69FB8C2119439FC90CFD647115D51]
  
   The second produces the following
   AbstractHttpSessionStore#lookup()
  [getAttribute()=9F4CECDC89947EFEF5B7646F6600A8B8]
  [session=de.postbank.ucp.application.face.session.FaceWebSession@3cf08d9e]
  
   The getAttribute resolves the session object but the session id within 
   the
  session object is not the same as the session id from getSessionId(request,
  false) which is the one of the httpSession object from the underlying web
  container. Can you explain this to me?
  
  
   
The getId() implementation of the Session class uses the following 
 logic:
   
if (id == null)
 id = getSessionStore().getSessionId(RequestCycle.get().getRequest(),
  false);
   
After our login procedure Session.getId() is never equal to
   httpSession.getId()
  
   This deserves a ticket - the 'id' member should be reset to 'null' in
   #replaceSession().
  
   I tested it via reflection, but did not solve the problem.
  
  
   Please file a ticket.
  
   
Thomas
   
-Ursprüngliche Nachricht-
Von:    Martin Grigorov mgrigo...@apache.org
Gesendet:       Mi 04.04.2012 09:39
Betreff:        Re: Wicket session id not up to date due to Tomcat 
 session
   

RE: IE redirect error with recent snapshot due to extra './'

2012-04-04 Thread Chris Colman
I've tried it on Tomcat 6.0.18, 6.0.20 and 6.0.35 and the problem occurs
on all of them.

I remember seeing a recent Wicket git log entry about a change involving
'./' and I'm wondering if it has something to do with that.

Chris

-Original Message-
From: Martin Grigorov [mailto:mgrigo...@apache.org]
Sent: Wednesday, 4 April 2012 5:48 PM
To: users@wicket.apache.org
Subject: Re: IE redirect error with recent snapshot due to extra './'

Also can you tell us the version of Tomcat.

On Wed, Apr 4, 2012 at 9:45 AM, Martin Grigorov
mgrigo...@apache.orgwrote:

 Hi Chris,

 Can you attach a quickstart to
 https://issues.apache.org/jira/browse/WICKET-4260 ?
 Thanks!


 On Wed, Apr 4, 2012 at 9:42 AM, Chris Colman
chr...@stepaheadsoftware.com
  wrote:

 ** **

 After upgrading to the latest Wicket snapshot a few days ago we now
 experience an IE specific problem when we redirect after successful
log
on:
 

 ** **

 It only happens for me on IE. On FireFox it works perfectly.

 ** **

 I've tracked it down to the 'continue to destination' that occurs
after
a
 successful log in on the redirected authentication page.

 ** **

 On FireFox the 'continue' attempts to render:

 ** **

 http://acme1.acme.testurl.mydomain.com.au/myAdminPage

 ** **

 but on IE the redirect attempts to render:

 ** **


http://acme1.acme.testurl.mydomain.com.au/./myAdminPagehttp://acme1.ac
me.t
esturl.mydomain.com.au/myAdminPage
 

 ** **

 Note the extra './' before myAdminPage

 ** **

 There is no page mounted at ./myAdminPage and so we get a Tomcat
error.**
 **

 ** **

 Note: this was verified on IE8 but may happen on other IE versions
also.*
 ***

 ** **

 Yours sincerely,

 ** **

 Chris Colman

  

 Pagebloom Team Leader,

 Step Ahead Software

 

 pagebloom - your business  your website growing together

 ** **

 **Sydney**: (+61 2) 9656 1278 Canberra: (+61 2) 6100
2120
  

 Email: chr...@stepahead.com.au //chr...@stepahead.com.au

 Website:

 http://www.pagebloom.com

 http://develop.stepaheadsoftware.com

  

 ** **




 --
 Martin Grigorov
 jWeekend
 Training, Consulting, Development
 http://jWeekend.com http://jweekend.com/




--
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com http://jweekend.com/

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



Re: Wicket session id not up to date due to Tomcat session fixation protection

2012-04-04 Thread Martin Grigorov
With a quickstart I'll be more certain what exactly happens and how to
solve it the best way...
Until then use this solution since it works for you.

On Wed, Apr 4, 2012 at 12:11 PM, Thomas Rohde t...@ordix.de wrote:
 Okay a better attempt:

 I tried your suggestion to overwrite the replaceSession method of the Session 
 class. It didn't work.

 But now I modified the lookup method of the AbstractHttpSessionStore like the 
 following:

 public Session lookup(Request request) {
   String sessionId = getSessionId(request, false);
   LOG.debug(AbstractHttpSessionStore#lookup() [sessionId={}], sessionId);
   if (sessionId != null) {
      WebRequest webRequest = toWebRequest(request);
      Session session = (Session)getAttribute(webRequest, 
 Session.SESSION_ATTRIBUTE_NAME);

      // it cannot be okay if the session id's are not equal!!!
      if (null != session  !sessionId.equals(session.getId())) {
         try {
            Field f = Session.class.getDeclaredField(id);
            f.setAccessible(true);
            f.set(session, null); // it will be resolved later from the 
 httpSession
         } catch (Exception e) {
            throw new IllegalStateException(e);
         }
      }
      return session;
   }
   return null;
 }

 That seems to work. Is it a valid solution?

 Thomas

 -Ursprüngliche Nachricht-
 Von:    Martin Grigorov mgrigo...@apache.org
 Gesendet:       Mi 04.04.2012 11:43
 Betreff:        Re: Wicket session id not up to date due to Tomcat session 
 fixation protection
 An:     users@wicket.apache.org;
 Sorry.
 I didn't understand you.

 A quickstart will make it easier for me to help you.

 On Wed, Apr 4, 2012 at 11:39 AM, Thomas Rohde t...@ordix.de wrote:
  Hi Martin,
 
  I already did that (I wrote above). But the problem still exists. I cannot
 see from where wicket gets the old and wrong session id.
 
  Thomas
 
  -Ursprüngliche Nachricht-
  Von:    Martin Grigorov mgrigo...@apache.org
  Gesendet:       Mi 04.04.2012 11:10
  Betreff:        Re: Wicket session id not up to date due to Tomcat session
 fixation protection
  An:     users@wicket.apache.org;
  Hi Thomas,
 
  Temporarily until there is a fix you can override #replaceSession() to
  look like:
  super.replaceSession();
  Field idField = getField(id);
  idField.setAccessible(true);
  idField.set(this, null);
 
  I.e. null-ify the cached session id in Session.
 
 
  On Wed, Apr 4, 2012 at 10:57 AM, Thomas Rohde t...@ordix.de wrote:
   Hi Martin,
  
   see inline.
  
   Thanks!
   Thomas
  
   -Ursprüngliche Nachricht-
   Von:    Martin Grigorov mgrigo...@apache.org
   Gesendet:       Mi 04.04.2012 10:26
   Betreff:        Re: Wicket session id not up to date due to Tomcat 
   session
  fixation protection
   An:     users@wicket.apache.org;
   Hi Thomas,
  
   On Wed, Apr 4, 2012 at 10:18 AM, Thomas Rohde t...@ordix.de wrote:
Hi Martin,
   
but the AbstractHttpSesionStore has a SessionBindingListener which
 stores
  the
   session id and the Session class has an id member variable.
  
   This is improved in 6.x and the session is taken from the passed
   event. I can backport it to 1.5.x too.
  
   Please take a look at this. I put some log statements in the session 
   class.
  For me the lookup method looks weird. Take a look at the following code:
  
   public Session lookup(Request request) {
     String sessionId = getSessionId(request, false);
     LOG.debug(AbstractHttpSessionStore#lookup() [sessionId={}], 
   sessionId);
     if (sessionId != null) {
        WebRequest webRequest = toWebRequest(request);
        Session session = (Session)getAttribute(webRequest,
  Session.SESSION_ATTRIBUTE_NAME);
        LOG.debug(AbstractHttpSessionStore#lookup() [getAttribute()={}]
  [session={}],
           (null != session) ? session.getId() : null, session);
        return session;
     }
     return null;
   }
  
   The first log output produces
   AbstractHttpSessionStore#lookup()
 [sessionId=A8F69FB8C2119439FC90CFD647115D51]
  
   The second produces the following
   AbstractHttpSessionStore#lookup()
  [getAttribute()=9F4CECDC89947EFEF5B7646F6600A8B8]
  [session=de.postbank.ucp.application.face.session.FaceWebSession@3cf08d9e]
  
   The getAttribute resolves the session object but the session id within 
   the
  session object is not the same as the session id from 
  getSessionId(request,
  false) which is the one of the httpSession object from the underlying web
  container. Can you explain this to me?
  
  
   
The getId() implementation of the Session class uses the following
 logic:
   
if (id == null)
 id = getSessionStore().getSessionId(RequestCycle.get().getRequest(),
  false);
   
After our login procedure Session.getId() is never equal to
   httpSession.getId()
  
   This deserves a ticket - the 'id' member should be reset to 'null' in
   #replaceSession().
  
   I tested it via reflection, but did not solve the problem.
  
  
   Please file a ticket.
  
   

Re: IE redirect error with recent snapshot due to extra './'

2012-04-04 Thread Martin Grigorov
I gave you the ticket number in my first response :-)

On Wed, Apr 4, 2012 at 12:19 PM, Chris Colman
chr...@stepaheadsoftware.com wrote:
 I've tried it on Tomcat 6.0.18, 6.0.20 and 6.0.35 and the problem occurs
 on all of them.

 I remember seeing a recent Wicket git log entry about a change involving
 './' and I'm wondering if it has something to do with that.

 Chris

-Original Message-
From: Martin Grigorov [mailto:mgrigo...@apache.org]
Sent: Wednesday, 4 April 2012 5:48 PM
To: users@wicket.apache.org
Subject: Re: IE redirect error with recent snapshot due to extra './'

Also can you tell us the version of Tomcat.

On Wed, Apr 4, 2012 at 9:45 AM, Martin Grigorov
mgrigo...@apache.orgwrote:

 Hi Chris,

 Can you attach a quickstart to
 https://issues.apache.org/jira/browse/WICKET-4260 ?
 Thanks!


 On Wed, Apr 4, 2012 at 9:42 AM, Chris Colman
chr...@stepaheadsoftware.com
  wrote:

 ** **

 After upgrading to the latest Wicket snapshot a few days ago we now
 experience an IE specific problem when we redirect after successful
 log
on:
 

 ** **

 It only happens for me on IE. On FireFox it works perfectly.

 ** **

 I've tracked it down to the 'continue to destination' that occurs
 after
a
 successful log in on the redirected authentication page.

 ** **

 On FireFox the 'continue' attempts to render:

 ** **

 http://acme1.acme.testurl.mydomain.com.au/myAdminPage

 ** **

 but on IE the redirect attempts to render:

 ** **


http://acme1.acme.testurl.mydomain.com.au/./myAdminPagehttp://acme1.ac
 me.t
esturl.mydomain.com.au/myAdminPage
 

 ** **

 Note the extra './' before myAdminPage

 ** **

 There is no page mounted at ./myAdminPage and so we get a Tomcat
error.**
 **

 ** **

 Note: this was verified on IE8 but may happen on other IE versions
also.*
 ***

 ** **

 Yours sincerely,

 ** **

 Chris Colman

  

 Pagebloom Team Leader,

 Step Ahead Software

 

 pagebloom - your business  your website growing together

 ** **

 **Sydney**: (+61 2) 9656 1278     Canberra: (+61 2) 6100
 2120
      

 Email: chr...@stepahead.com.au //chr...@stepahead.com.au

 Website:

 http://www.pagebloom.com

 http://develop.stepaheadsoftware.com

  

 ** **




 --
 Martin Grigorov
 jWeekend
 Training, Consulting, Development
 http://jWeekend.com http://jweekend.com/




--
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com http://jweekend.com/

 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org




-- 
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



RE: IE redirect error with recent snapshot due to extra './'

2012-04-04 Thread Chris Colman
Quickstart has been added to JIRA issue with instructions on how to reproduce.

 Hi Chris,

 Can you attach a quickstart to
 https://issues.apache.org/jira/browse/WICKET-4260 ?
 Thanks!


 On Wed, Apr 4, 2012 at 9:42 AM, Chris Colman
chr...@stepaheadsoftware.com
  wrote:

 ** **

 After upgrading to the latest Wicket snapshot a few days ago we now
 experience an IE specific problem when we redirect after successful
 log
on:
 

 ** **

 It only happens for me on IE. On FireFox it works perfectly.

 ** **

 I've tracked it down to the 'continue to destination' that occurs
 after
a
 successful log in on the redirected authentication page.

 ** **

 On FireFox the 'continue' attempts to render:

 ** **

 http://acme1.acme.testurl.mydomain.com.au/myAdminPage

 ** **

 but on IE the redirect attempts to render:

 ** **


http://acme1.acme.testurl.mydomain.com.au/./myAdminPagehttp://acme1.ac
 me.t
esturl.mydomain.com.au/myAdminPage
 

 ** **

 Note the extra './' before myAdminPage

 ** **

 There is no page mounted at ./myAdminPage and so we get a Tomcat
error.**
 **

 ** **

 Note: this was verified on IE8 but may happen on other IE versions
also.*
 ***

 ** **

 Yours sincerely,

 ** **

 Chris Colman

  

 Pagebloom Team Leader,

 Step Ahead Software

 

 pagebloom - your business  your website growing together

 ** **

 **Sydney**: (+61 2) 9656 1278     Canberra: (+61 2) 6100
 2120
      

 Email: chr...@stepahead.com.au //chr...@stepahead.com.au

 Website:

 http://www.pagebloom.com

 http://develop.stepaheadsoftware.com

  

 ** **




 --
 Martin Grigorov
 jWeekend
 Training, Consulting, Development
 http://jWeekend.com http://jweekend.com/




--
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com http://jweekend.com/

 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org




--
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



AW: Wicket session id not up to date due to Tomcat session fixation protection

2012-04-04 Thread Thomas Rohde
Hi Martin,

many thanks for your help!!! I'll try to reproduce this in a quickstart. 
Temporarily I use my quick fix.

Regards,
Thomas

-Ursprüngliche Nachricht-
Von:Martin Grigorov mgrigo...@apache.org
Gesendet:   Mi 04.04.2012 12:21
Betreff:Re: Wicket session id not up to date due to Tomcat session 
fixation protection
An: users@wicket.apache.org; 
 With a quickstart I'll be more certain what exactly happens and how to
 solve it the best way...
 Until then use this solution since it works for you.
 
 On Wed, Apr 4, 2012 at 12:11 PM, Thomas Rohde t...@ordix.de wrote:
  Okay a better attempt:
 
  I tried your suggestion to overwrite the replaceSession method of the 
  Session 
 class. It didn't work.
 
  But now I modified the lookup method of the AbstractHttpSessionStore like 
  the 
 following:
 
  public Session lookup(Request request) {
    String sessionId = getSessionId(request, false);
    LOG.debug(AbstractHttpSessionStore#lookup() [sessionId={}], sessionId);
    if (sessionId != null) {
       WebRequest webRequest = toWebRequest(request);
       Session session = (Session)getAttribute(webRequest, 
 Session.SESSION_ATTRIBUTE_NAME);
 
       // it cannot be okay if the session id's are not equal!!!
       if (null != session  !sessionId.equals(session.getId())) {
          try {
             Field f = Session.class.getDeclaredField(id);
             f.setAccessible(true);
             f.set(session, null); // it will be resolved later from the 
 httpSession
          } catch (Exception e) {
             throw new IllegalStateException(e);
          }
       }
       return session;
    }
    return null;
  }
 
  That seems to work. Is it a valid solution?
 
  Thomas
 
  -Ursprüngliche Nachricht-
  Von:    Martin Grigorov mgrigo...@apache.org
  Gesendet:       Mi 04.04.2012 11:43
  Betreff:        Re: Wicket session id not up to date due to Tomcat session 
 fixation protection
  An:     users@wicket.apache.org;
  Sorry.
  I didn't understand you.
 
  A quickstart will make it easier for me to help you.
 
  On Wed, Apr 4, 2012 at 11:39 AM, Thomas Rohde t...@ordix.de wrote:
   Hi Martin,
  
   I already did that (I wrote above). But the problem still exists. I 
   cannot
  see from where wicket gets the old and wrong session id.
  
   Thomas
  
   -Ursprüngliche Nachricht-
   Von:    Martin Grigorov mgrigo...@apache.org
   Gesendet:       Mi 04.04.2012 11:10
   Betreff:        Re: Wicket session id not up to date due to Tomcat 
   session
  fixation protection
   An:     users@wicket.apache.org;
   Hi Thomas,
  
   Temporarily until there is a fix you can override #replaceSession() to
   look like:
   super.replaceSession();
   Field idField = getField(id);
   idField.setAccessible(true);
   idField.set(this, null);
  
   I.e. null-ify the cached session id in Session.
  
  
   On Wed, Apr 4, 2012 at 10:57 AM, Thomas Rohde t...@ordix.de wrote:
Hi Martin,
   
see inline.
   
Thanks!
Thomas
   
-Ursprüngliche Nachricht-
Von:    Martin Grigorov mgrigo...@apache.org
Gesendet:       Mi 04.04.2012 10:26
Betreff:        Re: Wicket session id not up to date due to Tomcat 
 session
   fixation protection
An:     users@wicket.apache.org;
Hi Thomas,
   
On Wed, Apr 4, 2012 at 10:18 AM, Thomas Rohde t...@ordix.de wrote:
 Hi Martin,

 but the AbstractHttpSesionStore has a SessionBindingListener which
  stores
   the
session id and the Session class has an id member variable.
   
This is improved in 6.x and the session is taken from the passed
event. I can backport it to 1.5.x too.
   
Please take a look at this. I put some log statements in the session 
 class.
   For me the lookup method looks weird. Take a look at the following code:
   
public Session lookup(Request request) {
  String sessionId = getSessionId(request, false);
  LOG.debug(AbstractHttpSessionStore#lookup() [sessionId={}], 
 sessionId);
  if (sessionId != null) {
     WebRequest webRequest = toWebRequest(request);
     Session session = (Session)getAttribute(webRequest,
   Session.SESSION_ATTRIBUTE_NAME);
     LOG.debug(AbstractHttpSessionStore#lookup() [getAttribute()={}]
   [session={}],
        (null != session) ? session.getId() : null, session);
     return session;
  }
  return null;
}
   
The first log output produces
AbstractHttpSessionStore#lookup()
  [sessionId=A8F69FB8C2119439FC90CFD647115D51]
   
The second produces the following
AbstractHttpSessionStore#lookup()
   [getAttribute()=9F4CECDC89947EFEF5B7646F6600A8B8]
   [session=de.postbank.ucp.application.face.session.FaceWebSession@3cf08d9e]
   
The getAttribute resolves the session object but the session id 
within 
 the
   session object is not the same as the session id from 
 getSessionId(request,
   false) which is the one of the httpSession object from the underlying 
   web
   

RE: IE redirect error with recent snapshot due to extra './'

2012-04-04 Thread Chris Colman
The title of the bug report is interesting:

WICKET-4260 make sure relative urls start either with dot or dot-dot

I am redirecting to a page using its page class - which redirects to the mount 
for that page class - which is *always* an absolute path.

Eg., /logon

It seems strange that it would be treated as a relative path and so have a './' 
prefix added.

The redirection may be the same for all browsers but IE may not be smart enough 
to remove the redundant ./ from the URL. 

-Original Message-
From: Martin Grigorov [mailto:mgrigo...@apache.org]
Sent: Wednesday, 4 April 2012 8:21 PM
To: users@wicket.apache.org
Subject: Re: IE redirect error with recent snapshot due to extra './'

I gave you the ticket number in my first response :-)

On Wed, Apr 4, 2012 at 12:19 PM, Chris Colman
chr...@stepaheadsoftware.com wrote:
 I've tried it on Tomcat 6.0.18, 6.0.20 and 6.0.35 and the problem occurs
 on all of them.

 I remember seeing a recent Wicket git log entry about a change involving
 './' and I'm wondering if it has something to do with that.

 Chris

-Original Message-
From: Martin Grigorov [mailto:mgrigo...@apache.org]
Sent: Wednesday, 4 April 2012 5:48 PM
To: users@wicket.apache.org
Subject: Re: IE redirect error with recent snapshot due to extra './'

Also can you tell us the version of Tomcat.

On Wed, Apr 4, 2012 at 9:45 AM, Martin Grigorov
mgrigo...@apache.orgwrote:

 Hi Chris,

 Can you attach a quickstart to
 https://issues.apache.org/jira/browse/WICKET-4260 ?
 Thanks!


 On Wed, Apr 4, 2012 at 9:42 AM, Chris Colman
chr...@stepaheadsoftware.com
  wrote:

 ** **

 After upgrading to the latest Wicket snapshot a few days ago we now
 experience an IE specific problem when we redirect after successful
 log
on:
 

 ** **

 It only happens for me on IE. On FireFox it works perfectly.

 ** **

 I've tracked it down to the 'continue to destination' that occurs
 after
a
 successful log in on the redirected authentication page.

 ** **

 On FireFox the 'continue' attempts to render:

 ** **

 http://acme1.acme.testurl.mydomain.com.au/myAdminPage

 ** **

 but on IE the redirect attempts to render:

 ** **


http://acme1.acme.testurl.mydomain.com.au/./myAdminPagehttp://acme1.ac
 me.t
esturl.mydomain.com.au/myAdminPage
 

 ** **

 Note the extra './' before myAdminPage

 ** **

 There is no page mounted at ./myAdminPage and so we get a Tomcat
error.**
 **

 ** **

 Note: this was verified on IE8 but may happen on other IE versions
also.*
 ***

 ** **

 Yours sincerely,

 ** **

 Chris Colman

  

 Pagebloom Team Leader,

 Step Ahead Software

 

 pagebloom - your business  your website growing together

 ** **

 **Sydney**: (+61 2) 9656 1278     Canberra: (+61 2) 6100
 2120
      

 Email: chr...@stepahead.com.au //chr...@stepahead.com.au

 Website:

 http://www.pagebloom.com

 http://develop.stepaheadsoftware.com

  

 ** **




 --
 Martin Grigorov
 jWeekend
 Training, Consulting, Development
 http://jWeekend.com http://jweekend.com/




--
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com http://jweekend.com/

 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org




--
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



Re: IE redirect error with recent snapshot due to extra './'

2012-04-04 Thread Martin Grigorov
Wicket works with relative paths only.
/logon is the mount path you specified in #mountPage() but later the
produced urls are relative to the filter path.
I.e. if a user is at /another/mount/point then a link to LoginPage
will look like: ../../logon

On Wed, Apr 4, 2012 at 2:33 PM, Chris Colman
chr...@stepaheadsoftware.com wrote:
 The title of the bug report is interesting:

 WICKET-4260 make sure relative urls start either with dot or dot-dot

 I am redirecting to a page using its page class - which redirects to the 
 mount for that page class - which is *always* an absolute path.

 Eg., /logon

 It seems strange that it would be treated as a relative path and so have a 
 './' prefix added.

 The redirection may be the same for all browsers but IE may not be smart 
 enough to remove the redundant ./ from the URL.

-Original Message-
From: Martin Grigorov [mailto:mgrigo...@apache.org]
Sent: Wednesday, 4 April 2012 8:21 PM
To: users@wicket.apache.org
Subject: Re: IE redirect error with recent snapshot due to extra './'

I gave you the ticket number in my first response :-)

On Wed, Apr 4, 2012 at 12:19 PM, Chris Colman
chr...@stepaheadsoftware.com wrote:
 I've tried it on Tomcat 6.0.18, 6.0.20 and 6.0.35 and the problem occurs
 on all of them.

 I remember seeing a recent Wicket git log entry about a change involving
 './' and I'm wondering if it has something to do with that.

 Chris

-Original Message-
From: Martin Grigorov [mailto:mgrigo...@apache.org]
Sent: Wednesday, 4 April 2012 5:48 PM
To: users@wicket.apache.org
Subject: Re: IE redirect error with recent snapshot due to extra './'

Also can you tell us the version of Tomcat.

On Wed, Apr 4, 2012 at 9:45 AM, Martin Grigorov
mgrigo...@apache.orgwrote:

 Hi Chris,

 Can you attach a quickstart to
 https://issues.apache.org/jira/browse/WICKET-4260 ?
 Thanks!


 On Wed, Apr 4, 2012 at 9:42 AM, Chris Colman
chr...@stepaheadsoftware.com
  wrote:

 ** **

 After upgrading to the latest Wicket snapshot a few days ago we now
 experience an IE specific problem when we redirect after successful
 log
on:
 

 ** **

 It only happens for me on IE. On FireFox it works perfectly.

 ** **

 I've tracked it down to the 'continue to destination' that occurs
 after
a
 successful log in on the redirected authentication page.

 ** **

 On FireFox the 'continue' attempts to render:

 ** **

 http://acme1.acme.testurl.mydomain.com.au/myAdminPage

 ** **

 but on IE the redirect attempts to render:

 ** **


http://acme1.acme.testurl.mydomain.com.au/./myAdminPagehttp://acme1.ac
 me.t
esturl.mydomain.com.au/myAdminPage
 

 ** **

 Note the extra './' before myAdminPage

 ** **

 There is no page mounted at ./myAdminPage and so we get a Tomcat
error.**
 **

 ** **

 Note: this was verified on IE8 but may happen on other IE versions
also.*
 ***

 ** **

 Yours sincerely,

 ** **

 Chris Colman

  

 Pagebloom Team Leader,

 Step Ahead Software

 

 pagebloom - your business  your website growing together

 ** **

 **Sydney**: (+61 2) 9656 1278     Canberra: (+61 2) 6100
 2120
      

 Email: chr...@stepahead.com.au //chr...@stepahead.com.au

 Website:

 http://www.pagebloom.com

 http://develop.stepaheadsoftware.com

  

 ** **




 --
 Martin Grigorov
 jWeekend
 Training, Consulting, Development
 http://jWeekend.com http://jweekend.com/




--
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com http://jweekend.com/

 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org




--
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org


 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org




-- 
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



Fallback for error page

2012-04-04 Thread jarnis
Hi all

I set up an error page by calling
getApplicationSettings().setInternalErrorPage(ErrorPage.class);
in my application setup. However, I would like to redirect to a static html
page (not a wicket page) if an error occurs, preventing the wicket error
page from being shown.

I thought about wrapping all code in the error page in a try/catch block and
throwing a custom RuntimeException if any exception is thrown on the error
page. I could then setup a custom page with redirection as the error page
for this specific exception. An even simpler solution would be to just
redirect to the static page in the catch block.

The main problem with this approach is that I can't wrap the call to the
parent class' constructor in the try block. Any exception being thrown in
the parent constructor would therefore still result in a loop of error page
redirecting to itself, same as with no fallback.

Is there a good solution to this problem?

Thanks in advance,
Jarnis Bertelsen

--
View this message in context: 
http://apache-wicket.1842946.n4.nabble.com/Fallback-for-error-page-tp4531970p4531970.html
Sent from the Users forum mailing list archive at Nabble.com.

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



RE: IE redirect error with recent snapshot due to extra './'

2012-04-04 Thread Chris Colman
Ok, so if we go to 

/landing

And user is not authenticated they get redirected to 

./logon (a relative URL)

Which is effectively http://mydomain.com/./logon

Which IE can't handle but FF and Chrome seem to auto redirect to 
http://mydomain.com/logon

It seems like we can't use the './' trick with IE. Wouldn't simply 'logon' 
without the leading './' also be a relative path? Why do we need to prefix it 
with './'? 

-Original Message-
From: Martin Grigorov [mailto:mgrigo...@apache.org]
Sent: Wednesday, 4 April 2012 10:38 PM
To: users@wicket.apache.org
Subject: Re: IE redirect error with recent snapshot due to extra './'

Wicket works with relative paths only.
/logon is the mount path you specified in #mountPage() but later the
produced urls are relative to the filter path.
I.e. if a user is at /another/mount/point then a link to LoginPage
will look like: ../../logon

On Wed, Apr 4, 2012 at 2:33 PM, Chris Colman
chr...@stepaheadsoftware.com wrote:
 The title of the bug report is interesting:

 WICKET-4260 make sure relative urls start either with dot or dot-dot

 I am redirecting to a page using its page class - which redirects to the
mount for that page class - which is *always* an absolute path.

 Eg., /logon

 It seems strange that it would be treated as a relative path and so have
a './' prefix added.

 The redirection may be the same for all browsers but IE may not be smart
enough to remove the redundant ./ from the URL.

-Original Message-
From: Martin Grigorov [mailto:mgrigo...@apache.org]
Sent: Wednesday, 4 April 2012 8:21 PM
To: users@wicket.apache.org
Subject: Re: IE redirect error with recent snapshot due to extra './'

I gave you the ticket number in my first response :-)

On Wed, Apr 4, 2012 at 12:19 PM, Chris Colman
chr...@stepaheadsoftware.com wrote:
 I've tried it on Tomcat 6.0.18, 6.0.20 and 6.0.35 and the problem
occurs
 on all of them.

 I remember seeing a recent Wicket git log entry about a change
involving
 './' and I'm wondering if it has something to do with that.

 Chris

-Original Message-
From: Martin Grigorov [mailto:mgrigo...@apache.org]
Sent: Wednesday, 4 April 2012 5:48 PM
To: users@wicket.apache.org
Subject: Re: IE redirect error with recent snapshot due to extra './'

Also can you tell us the version of Tomcat.

On Wed, Apr 4, 2012 at 9:45 AM, Martin Grigorov
mgrigo...@apache.orgwrote:

 Hi Chris,

 Can you attach a quickstart to
 https://issues.apache.org/jira/browse/WICKET-4260 ?
 Thanks!


 On Wed, Apr 4, 2012 at 9:42 AM, Chris Colman
chr...@stepaheadsoftware.com
  wrote:

 ** **

 After upgrading to the latest Wicket snapshot a few days ago we now
 experience an IE specific problem when we redirect after successful
 log
on:
 

 ** **

 It only happens for me on IE. On FireFox it works perfectly.

 ** **

 I've tracked it down to the 'continue to destination' that occurs
 after
a
 successful log in on the redirected authentication page.

 ** **

 On FireFox the 'continue' attempts to render:

 ** **

 http://acme1.acme.testurl.mydomain.com.au/myAdminPage

 ** **

 but on IE the redirect attempts to render:

 ** **


http://acme1.acme.testurl.mydomain.com.au/./myAdminPagehttp://acme1.ac
 me.t
esturl.mydomain.com.au/myAdminPage
 

 ** **

 Note the extra './' before myAdminPage

 ** **

 There is no page mounted at ./myAdminPage and so we get a Tomcat
error.**
 **

 ** **

 Note: this was verified on IE8 but may happen on other IE versions
also.*
 ***

 ** **

 Yours sincerely,

 ** **

 Chris Colman

  

 Pagebloom Team Leader,

 Step Ahead Software

 

 pagebloom - your business  your website growing together

 ** **

 **Sydney**: (+61 2) 9656 1278     Canberra: (+61 2) 6100
 2120
      

 Email: chr...@stepahead.com.au //chr...@stepahead.com.au

 Website:

 http://www.pagebloom.com

 http://develop.stepaheadsoftware.com

  

 ** **




 --
 Martin Grigorov
 jWeekend
 Training, Consulting, Development
 http://jWeekend.com http://jweekend.com/




--
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com http://jweekend.com/

 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org




--
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org


 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org




--
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com


Re: IE redirect error with recent snapshot due to extra './'

2012-04-04 Thread Martin Grigorov
Sven has tested this in IE and it worked. It seems it is some
additional specific which need to find and solve.

The problem with plain 'logon' is that some users use something like:
'log:on', i.e. there is a colon in the first segment of the redirect
url. And here ALL browsers confuse that 'log:' is a scheme and they
try to find a URL handler that can process it. But most of the times
there is no such...

On Wed, Apr 4, 2012 at 4:23 PM, Chris Colman
chr...@stepaheadsoftware.com wrote:
 Ok, so if we go to

 /landing

 And user is not authenticated they get redirected to

 ./logon (a relative URL)

 Which is effectively http://mydomain.com/./logon

 Which IE can't handle but FF and Chrome seem to auto redirect to
 http://mydomain.com/logon

 It seems like we can't use the './' trick with IE. Wouldn't simply 'logon' 
 without the leading './' also be a relative path? Why do we need to prefix it 
 with './'?

-Original Message-
From: Martin Grigorov [mailto:mgrigo...@apache.org]
Sent: Wednesday, 4 April 2012 10:38 PM
To: users@wicket.apache.org
Subject: Re: IE redirect error with recent snapshot due to extra './'

Wicket works with relative paths only.
/logon is the mount path you specified in #mountPage() but later the
produced urls are relative to the filter path.
I.e. if a user is at /another/mount/point then a link to LoginPage
will look like: ../../logon

On Wed, Apr 4, 2012 at 2:33 PM, Chris Colman
chr...@stepaheadsoftware.com wrote:
 The title of the bug report is interesting:

 WICKET-4260 make sure relative urls start either with dot or dot-dot

 I am redirecting to a page using its page class - which redirects to the
mount for that page class - which is *always* an absolute path.

 Eg., /logon

 It seems strange that it would be treated as a relative path and so have
a './' prefix added.

 The redirection may be the same for all browsers but IE may not be smart
enough to remove the redundant ./ from the URL.

-Original Message-
From: Martin Grigorov [mailto:mgrigo...@apache.org]
Sent: Wednesday, 4 April 2012 8:21 PM
To: users@wicket.apache.org
Subject: Re: IE redirect error with recent snapshot due to extra './'

I gave you the ticket number in my first response :-)

On Wed, Apr 4, 2012 at 12:19 PM, Chris Colman
chr...@stepaheadsoftware.com wrote:
 I've tried it on Tomcat 6.0.18, 6.0.20 and 6.0.35 and the problem
occurs
 on all of them.

 I remember seeing a recent Wicket git log entry about a change
involving
 './' and I'm wondering if it has something to do with that.

 Chris

-Original Message-
From: Martin Grigorov [mailto:mgrigo...@apache.org]
Sent: Wednesday, 4 April 2012 5:48 PM
To: users@wicket.apache.org
Subject: Re: IE redirect error with recent snapshot due to extra './'

Also can you tell us the version of Tomcat.

On Wed, Apr 4, 2012 at 9:45 AM, Martin Grigorov
mgrigo...@apache.orgwrote:

 Hi Chris,

 Can you attach a quickstart to
 https://issues.apache.org/jira/browse/WICKET-4260 ?
 Thanks!


 On Wed, Apr 4, 2012 at 9:42 AM, Chris Colman
chr...@stepaheadsoftware.com
  wrote:

 ** **

 After upgrading to the latest Wicket snapshot a few days ago we now
 experience an IE specific problem when we redirect after successful
 log
on:
 

 ** **

 It only happens for me on IE. On FireFox it works perfectly.

 ** **

 I've tracked it down to the 'continue to destination' that occurs
 after
a
 successful log in on the redirected authentication page.

 ** **

 On FireFox the 'continue' attempts to render:

 ** **

 http://acme1.acme.testurl.mydomain.com.au/myAdminPage

 ** **

 but on IE the redirect attempts to render:

 ** **


http://acme1.acme.testurl.mydomain.com.au/./myAdminPagehttp://acme1.ac
 me.t
esturl.mydomain.com.au/myAdminPage
 

 ** **

 Note the extra './' before myAdminPage

 ** **

 There is no page mounted at ./myAdminPage and so we get a Tomcat
error.**
 **

 ** **

 Note: this was verified on IE8 but may happen on other IE versions
also.*
 ***

 ** **

 Yours sincerely,

 ** **

 Chris Colman

  

 Pagebloom Team Leader,

 Step Ahead Software

 

 pagebloom - your business  your website growing together

 ** **

 **Sydney**: (+61 2) 9656 1278     Canberra: (+61 2) 6100
 2120
      

 Email: chr...@stepahead.com.au //chr...@stepahead.com.au

 Website:

 http://www.pagebloom.com

 http://develop.stepaheadsoftware.com

  

 ** **




 --
 Martin Grigorov
 jWeekend
 Training, Consulting, Development
 http://jWeekend.com http://jweekend.com/




--
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com http://jweekend.com/

 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org




--
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com


Re: Fallback for error page

2012-04-04 Thread Martin Grigorov
Hi,

You can use org.apache.wicket.request.cycle.IRequestCycleListener#onException()
to track how many errors happened in the current request cycle. If
this is the first error then set a flag (e.g. RequestCycle metadata)
and let it be processed with InternalErrorPage (i.e. return null).
Next time when #onException() is called (due to a problem in
InternalErrorPage) you will see the flag and will return: new
RedirectRequestHandler(normal/page.html)
I.e. only the flag will indicate what to do. Don't use your own
exception nor try/catch.

On Wed, Apr 4, 2012 at 4:07 PM, jarnis jarnis.bertel...@exedio.com wrote:
 Hi all

 I set up an error page by calling
 getApplicationSettings().setInternalErrorPage(ErrorPage.class);
 in my application setup. However, I would like to redirect to a static html
 page (not a wicket page) if an error occurs, preventing the wicket error
 page from being shown.

 I thought about wrapping all code in the error page in a try/catch block and
 throwing a custom RuntimeException if any exception is thrown on the error
 page. I could then setup a custom page with redirection as the error page
 for this specific exception. An even simpler solution would be to just
 redirect to the static page in the catch block.

 The main problem with this approach is that I can't wrap the call to the
 parent class' constructor in the try block. Any exception being thrown in
 the parent constructor would therefore still result in a loop of error page
 redirecting to itself, same as with no fallback.

 Is there a good solution to this problem?

 Thanks in advance,
 Jarnis Bertelsen

 --
 View this message in context: 
 http://apache-wicket.1842946.n4.nabble.com/Fallback-for-error-page-tp4531970p4531970.html
 Sent from the Users forum mailing list archive at Nabble.com.

 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org




-- 
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



RE: IE redirect error with recent snapshot due to extra './'

2012-04-04 Thread Chris Colman
Sven has tested this in IE and it worked. It seems it is some
additional specific which need to find and solve.

My quickstart has comments that specify the additional specific requirements to 
make it happen - the app has to be in the context of a virtual host, not just 
installed in the root 'webapps' directory. Has he tested it as a web host? I 
gave a fairly thorough description of how to set it up to reproduce the error 
in the JIRA comments.

The problem with plain 'logon' is that some users use something like:
'log:on', i.e. there is a colon in the first segment of the redirect
url. And here ALL browsers confuse that 'log:' is a scheme and they
try to find a URL handler that can process it. But most of the times
there is no such...

Using a colon ':' in a path sounds wrong - even though it may be legal. I 
wouldn't think many people would do that and I've never seen it before.

I'm not sure if it's a good idea to break a fairly popular (though widely 
hated) browser in the rare case that some users use a colon in the path. 

Could the patch do a test to see if the path actually contains a ':' before it 
does its funky business and if not, just leave the URL as is?

Or could the catering for ':' be a configurable option so that people who don't 
put colons in their path could disable it?


On Wed, Apr 4, 2012 at 4:23 PM, Chris Colman
chr...@stepaheadsoftware.com wrote:
 Ok, so if we go to

 /landing

 And user is not authenticated they get redirected to

 ./logon (a relative URL)

 Which is effectively http://mydomain.com/./logon

 Which IE can't handle but FF and Chrome seem to auto redirect to
 http://mydomain.com/logon

 It seems like we can't use the './' trick with IE. Wouldn't simply
'logon' without the leading './' also be a relative path? Why do we need to
prefix it with './'?

-Original Message-
From: Martin Grigorov [mailto:mgrigo...@apache.org]
Sent: Wednesday, 4 April 2012 10:38 PM
To: users@wicket.apache.org
Subject: Re: IE redirect error with recent snapshot due to extra './'

Wicket works with relative paths only.
/logon is the mount path you specified in #mountPage() but later the
produced urls are relative to the filter path.
I.e. if a user is at /another/mount/point then a link to LoginPage
will look like: ../../logon

On Wed, Apr 4, 2012 at 2:33 PM, Chris Colman
chr...@stepaheadsoftware.com wrote:
 The title of the bug report is interesting:

 WICKET-4260 make sure relative urls start either with dot or dot-dot

 I am redirecting to a page using its page class - which redirects to
the
mount for that page class - which is *always* an absolute path.

 Eg., /logon

 It seems strange that it would be treated as a relative path and so
have
a './' prefix added.

 The redirection may be the same for all browsers but IE may not be
smart
enough to remove the redundant ./ from the URL.

-Original Message-
From: Martin Grigorov [mailto:mgrigo...@apache.org]
Sent: Wednesday, 4 April 2012 8:21 PM
To: users@wicket.apache.org
Subject: Re: IE redirect error with recent snapshot due to extra './'

I gave you the ticket number in my first response :-)

On Wed, Apr 4, 2012 at 12:19 PM, Chris Colman
chr...@stepaheadsoftware.com wrote:
 I've tried it on Tomcat 6.0.18, 6.0.20 and 6.0.35 and the problem
occurs
 on all of them.

 I remember seeing a recent Wicket git log entry about a change
involving
 './' and I'm wondering if it has something to do with that.

 Chris

-Original Message-
From: Martin Grigorov [mailto:mgrigo...@apache.org]
Sent: Wednesday, 4 April 2012 5:48 PM
To: users@wicket.apache.org
Subject: Re: IE redirect error with recent snapshot due to extra './'

Also can you tell us the version of Tomcat.

On Wed, Apr 4, 2012 at 9:45 AM, Martin Grigorov
mgrigo...@apache.orgwrote:

 Hi Chris,

 Can you attach a quickstart to
 https://issues.apache.org/jira/browse/WICKET-4260 ?
 Thanks!


 On Wed, Apr 4, 2012 at 9:42 AM, Chris Colman
chr...@stepaheadsoftware.com
  wrote:

 ** **

 After upgrading to the latest Wicket snapshot a few days ago we
now
 experience an IE specific problem when we redirect after
successful
 log
on:
 

 ** **

 It only happens for me on IE. On FireFox it works perfectly.

 ** **

 I've tracked it down to the 'continue to destination' that occurs
 after
a
 successful log in on the redirected authentication page.

 ** **

 On FireFox the 'continue' attempts to render:

 ** **

 http://acme1.acme.testurl.mydomain.com.au/myAdminPage

 ** **

 but on IE the redirect attempts to render:

 ** **


http://acme1.acme.testurl.mydomain.com.au/./myAdminPagehttp://acme1.
ac
 me.t
esturl.mydomain.com.au/myAdminPage
 

 ** **

 Note the extra './' before myAdminPage

 ** **

 There is no page mounted at ./myAdminPage and so we get a Tomcat
error.**
 **

 ** **

 Note: this was verified on IE8 but may happen on other IE versions
also.*
 ***

 ** **

 Yours sincerely,

 ** **

 Chris Colman

  

 Pagebloom Team 

Re: IE redirect error with recent snapshot due to extra './'

2012-04-04 Thread Sven Meier

Hi Chris,

we'll find a solution, see my comments on WICKET-4260.

Sven

On 04/04/2012 04:44 PM, Chris Colman wrote:

Sven has tested this in IE and it worked. It seems it is some
additional specific which need to find and solve.

My quickstart has comments that specify the additional specific requirements to 
make it happen - the app has to be in the context of a virtual host, not just 
installed in the root 'webapps' directory. Has he tested it as a web host? I 
gave a fairly thorough description of how to set it up to reproduce the error 
in the JIRA comments.


The problem with plain 'logon' is that some users use something like:
'log:on', i.e. there is a colon in the first segment of the redirect
url. And here ALL browsers confuse that 'log:' is a scheme and they
try to find a URL handler that can process it. But most of the times
there is no such...

Using a colon ':' in a path sounds wrong - even though it may be legal. I 
wouldn't think many people would do that and I've never seen it before.

I'm not sure if it's a good idea to break a fairly popular (though widely 
hated) browser in the rare case that some users use a colon in the path.

Could the patch do a test to see if the path actually contains a ':' before it 
does its funky business and if not, just leave the URL as is?

Or could the catering for ':' be a configurable option so that people who don't 
put colons in their path could disable it?


On Wed, Apr 4, 2012 at 4:23 PM, Chris Colman
chr...@stepaheadsoftware.com  wrote:

Ok, so if we go to

/landing

And user is not authenticated they get redirected to

./logon (a relative URL)

Which is effectively http://mydomain.com/./logon

Which IE can't handle but FF and Chrome seem to auto redirect to
http://mydomain.com/logon

It seems like we can't use the './' trick with IE. Wouldn't simply

'logon' without the leading './' also be a relative path? Why do we need to
prefix it with './'?

-Original Message-
From: Martin Grigorov [mailto:mgrigo...@apache.org]
Sent: Wednesday, 4 April 2012 10:38 PM
To: users@wicket.apache.org
Subject: Re: IE redirect error with recent snapshot due to extra './'

Wicket works with relative paths only.
/logon is the mount path you specified in #mountPage() but later the
produced urls are relative to the filter path.
I.e. if a user is at /another/mount/point then a link to LoginPage
will look like: ../../logon

On Wed, Apr 4, 2012 at 2:33 PM, Chris Colman
chr...@stepaheadsoftware.com  wrote:

The title of the bug report is interesting:

WICKET-4260 make sure relative urls start either with dot or dot-dot

I am redirecting to a page using its page class - which redirects to

the

mount for that page class - which is *always* an absolute path.

Eg., /logon

It seems strange that it would be treated as a relative path and so

have

a './' prefix added.

The redirection may be the same for all browsers but IE may not be

smart

enough to remove the redundant ./ from the URL.

-Original Message-
From: Martin Grigorov [mailto:mgrigo...@apache.org]
Sent: Wednesday, 4 April 2012 8:21 PM
To: users@wicket.apache.org
Subject: Re: IE redirect error with recent snapshot due to extra './'

I gave you the ticket number in my first response :-)

On Wed, Apr 4, 2012 at 12:19 PM, Chris Colman
chr...@stepaheadsoftware.com  wrote:

I've tried it on Tomcat 6.0.18, 6.0.20 and 6.0.35 and the problem

occurs

on all of them.

I remember seeing a recent Wicket git log entry about a change

involving

'./' and I'm wondering if it has something to do with that.

Chris


-Original Message-
From: Martin Grigorov [mailto:mgrigo...@apache.org]
Sent: Wednesday, 4 April 2012 5:48 PM
To: users@wicket.apache.org
Subject: Re: IE redirect error with recent snapshot due to extra './'

Also can you tell us the version of Tomcat.

On Wed, Apr 4, 2012 at 9:45 AM, Martin Grigorov
mgrigo...@apache.orgwrote:


Hi Chris,

Can you attach a quickstart to
https://issues.apache.org/jira/browse/WICKET-4260 ?
Thanks!


On Wed, Apr 4, 2012 at 9:42 AM, Chris Colman

chr...@stepaheadsoftware.com

wrote:
** **

After upgrading to the latest Wicket snapshot a few days ago we

now

experience an IE specific problem when we redirect after

successful

log

on:



** **

It only happens for me on IE. On FireFox it works perfectly.

** **

I've tracked it down to the 'continue to destination' that occurs

after

a

successful log in on the redirected authentication page.

** **

On FireFox the 'continue' attempts to render:

** **

http://acme1.acme.testurl.mydomain.com.au/myAdminPage

** **

but on IE the redirect attempts to render:

** **



http://acme1.acme.testurl.mydomain.com.au/./myAdminPagehttp://acme1.

ac

me.t

esturl.mydomain.com.au/myAdminPage



** **

Note the extra './' before myAdminPage

** **

There is no page mounted at ./myAdminPage and so we get a Tomcat

error.**

**

** **

Note: this was verified on IE8 but may happen on other IE versions


Re: wicketstuff.org - down

2012-04-04 Thread Rafał Krupiński
On Tue, Apr 3, 2012 at 23:14, Jeffrey Schneller
jeffrey.schnel...@envisa.com wrote:
 Wicketstuff.org appears to be down.  Any ideas on when it will be back up?

wicketstuff is down regularly, what does it say about wicket? ;-)

Seriously though, why does it breaks so often?

-- 
Pozdrawiam / Best Regards
Rafal Krupinski

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



Re: Fallback for error page

2012-04-04 Thread jarnis
Thanks for a quick reply and a useful solution. Being fairly new to wicker it
would never have occurred to me to hook into the request cycle, but I just
finished implementing it (as proof of concept at least) and it works fine.

--
View this message in context: 
http://apache-wicket.1842946.n4.nabble.com/Fallback-for-error-page-tp4531970p4532377.html
Sent from the Users forum mailing list archive at Nabble.com.

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



Re: wicketstuff.org - down

2012-04-04 Thread Martijn Dashorst
2012/4/4 Rafał Krupiński r.krupin...@gmail.com:
 On Tue, Apr 3, 2012 at 23:14, Jeffrey Schneller
 jeffrey.schnel...@envisa.com wrote:
 Wicketstuff.org appears to be down.  Any ideas on when it will be back up?

 wicketstuff is down regularly, what does it say about wicket? ;-)

 Seriously though, why does it breaks so often?

There's a script running on the tomcat server that checks if a file is
being served from the ROOT. If not, it restarts the server. This is
the 503 page you're seeing. Apparently the script is too eager to
restart tomcat.

In any case, the server has been decommissioned, and there are no
services running on it anymore.

Martijn

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



Looking for a Wicket training in France (paris) and argument for Wicket versus Spring MVC

2012-04-04 Thread Yves-Marie LAINÉ
Hi all,

I'm working with wicket since 2 years, and I'm convinced by this great
fremework. Today, in my company we are facing the choice of a new web
framework in order to replace our old Struts 1... The debate turn arround
Spring MVC or Wicket. I spend one day to show Wicket to my colleagues, but
they only knows struts 1 and it's really hard to make them feel the power
of Wicket. After a long discussion, my boss decided to give Wicket a second
chance and proposed me to find good training to try to make them adhere. I
think this choice is really important, more particularly when leaving
struts 1 after 10 years...

So I need your Help ! If someone has feedback on a good training in paris,
it's more than welcome.

And any good agument for Wicket versus Spring MVC is welcome too.

(sorry for my english)

Regard,
Yves-Marie LAINÉ


Re: What real life scenario calls for page ID?

2012-04-04 Thread Bertrand Guay-Paquet

Hi,

Is there a JIRA issue tracking this render wrong page based on page 
version problem? I'm very interested in this issue since sharing links 
to stateful pages containing a page version is essentially broken.


Regards,
Bertrand

On 20/03/2012 12:45 PM, Igor Vaynberg wrote:

On Tue, Mar 20, 2012 at 8:52 AM, Martin Grigorovmgrigo...@apache.org  wrote:

On Tue, Mar 20, 2012 at 5:42 PM, Igor Vaynbergigor.vaynb...@gmail.com  wrote:

On Tue, Mar 20, 2012 at 8:28 AM, Martin Grigorovmgrigo...@apache.org  wrote:

On Tue, Mar 20, 2012 at 5:20 PM, Igor Vaynbergigor.vaynb...@gmail.com  wrote:

On Tue, Mar 20, 2012 at 1:07 AM, Martin Grigorovmgrigo...@apache.org  wrote:

On Tue, Mar 20, 2012 at 12:55 AM, Igor Vaynbergigor.vaynb...@gmail.com  wrote:

indeed. we should check that the page pointed to by the id maps back
to the mount, and create a new instance based on the mount if it
doesnt. jira please.

This is already the case, no need of a ticket for this. If there is no
?5 then Wicket creates ?0 and shows it.

this is not what i was talking about...


The problem Pointbreak actually mean is that userA may have opened
?5 in his session, copy the url and give it to
userB, but userB also already have its own session and by chance he
also had reached ?5 and these two ?5s are
different because they may have different states for both users.

not only are ?5 different, but they are entirely different pages.

so user A goes to /foo, we redirect to /foo?0, they click around and
end up on /foo?2
user B goes to /bar, we redirect to /bar?0, they click around and end
up on /bar?7

now user A emails user B the /foo?2 link. when user B hits that link
they end up going to a previous version of their *bar* page instead of
some instance of /foo because we do not check the mount vs the page
id, and whats worse we keep the mount in the url even though we are
displaying a page that is not mounted.

Ouch!


i guess this is why in 1.4 we dropped the mount from nonbookmarkable urls...

I hope you don't mean that we have to redirect to wicket/page?0 from
the bookmarkable url that the user requested.

no. we should redirect to wicket/page?x when the user navigates away
from the mounted page.

so i go to /bar which is BarPage and end up on /bar?0. click a link
that does something to BarPage, so end up on /bar?1. click a link that
takes me to FooPage, at this point since the page does not match the
mount i should go to /wicket/page?3

Currently it works just as you described it. Or I don't understand you well.
A quickstart will make it more clear :-)

My ouch was for something else - userA sends foo?5, but userB's ?5
is for BarPage and current PageProvider will silently return BarPage's
version5. It wont be FooPage!

hrm. yes. in a cleanroom quickstart that is indeed how it works. in
our prod app, for some reason, it just shows the other page on the old
page's mount. i will have to dig into that in our code base.

the quickstart does show what you have described above (showing the
old version of the page instead of creating a new one), but it also
does another interesting. when it redirects to the incorrect version
of the other page it also uses wicket/bookmarkable url instead of the
mount.

so when i am on /bar?4 and change 4 to 2 which is a version of FooPage
mounted on /foo i dont go to /foo?5 like i should, instead i go to
/wicket/bookmarkable/FooPage?2

-igor




-igor


It'd be better if we check the type of the stored page against the
type of the page that is mounted at this bookmarkable url and throw
PageExpiredException if they don't match.


-igor





The confusing part here is bookmarkable. Now imagine that there is
no ?pageId in the url. userA clicks several Ajax links to get to
version5 of that page and then copy/paste the url but userB will see
the initial state of the page, not version5 that userA actually meant.
So it seems only ?0 is actually bookmarkable for stateful pages.
Only in this case both users will see the same content (if there is no
special logic for user permissions involved).

If userA wants to fully share his page with userB then he has to share
his session too, i.e. both ?5 and jessionid= has to be in the pasted
url. I don't recomment this!

?5 helps when the user refreshes the page in his current session. In
this case he will see the same content as before the refresh. In 1.4
he'd see the initial state of the page and will loose any state that
is not persisted so far.



-igor

On Mon, Mar 19, 2012 at 3:52 PM, Pointbreak
pointbreak+wicketst...@ml1.net  wrote:

It's a problem when users bookmark it. Because ...?5 this session is an
entirely other page as ...?5 in another session tomorrow.

On Mon, Mar 19, 2012, at 11:53, Girts Ziemelis wrote:


On 2012-03-19 02:46, Paolo wrote:

I support you! I implemented class NoVersionMount thanks to pointbreak
in my MainApplication. And It will be my template for future app. But
to do it, I needed to understood the problem, check on google, read a
lot of pages, 

Re: Looking for a Wicket training in France (paris) and argument for Wicket versus Spring MVC

2012-04-04 Thread Yves-Marie LAINÉ
I was looking to it. Thanx Martjin. (and thx for your book ! ;-) )


2012/4/4 Martijn Dashorst martijn.dasho...@gmail.com

 http://www.zenika.com/formation_wicket_avance.html

 Martijn

 2012/4/4 Yves-Marie LAINÉ ymla...@gmail.com:
  Hi all,
 
  I'm working with wicket since 2 years, and I'm convinced by this great
  fremework. Today, in my company we are facing the choice of a new web
  framework in order to replace our old Struts 1... The debate turn arround
  Spring MVC or Wicket. I spend one day to show Wicket to my colleagues,
 but
  they only knows struts 1 and it's really hard to make them feel the power
  of Wicket. After a long discussion, my boss decided to give Wicket a
 second
  chance and proposed me to find good training to try to make them adhere.
 I
  think this choice is really important, more particularly when leaving
  struts 1 after 10 years...
 
  So I need your Help ! If someone has feedback on a good training in
 paris,
  it's more than welcome.
 
  And any good agument for Wicket versus Spring MVC is welcome too.
 
  (sorry for my english)
 
  Regard,
  Yves-Marie LAINÉ



 --
 Become a Wicket expert, learn from the best: http://wicketinaction.com

 -
 To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
 For additional commands, e-mail: users-h...@wicket.apache.org




-- 
Yves-Marie LAINÉ


IRequestparameters with OpenID

2012-04-04 Thread singh13
Hi there
I am creating an OpeniD provider using wicket 1.5.4 and openid4java.

On a part of my login page I have the following:

public LoginPage(PageParameters page){
super(page);

if(page.isEmpty()){
getRequestCycle().scheduleRequestHandlerAfterCurrent(new
IRequestHandler(){
public void respond(IRequestCycle requestCycle) 
{
// TODO Auto-generated method stub
WebResponse 
web=(WebResponse)requestCycle.getResponse();
OpenIDServer.discoveryResponse(web);

}

public void detach(IRequestCycle requestCycle) {
// TODO Auto-generated method stub

}   
});

}else{
Message response;
IRequestParameters  irp
=RequestCycle.get().getRequest().getRequestParameters();

list = toParameterList(irp);
  OpenIDServer.logRequestParameters(list);

String mode = list.hasParameter(openid.mode) ?
list.getParameterValue(openid.mode) : null;

if (associate.equals(mode)){
getRequestCycle().scheduleRequestHandlerAfterCurrent(new
IRequestHandler(){
public void respond(IRequestCycle requestCycle) 
{
// TODO Auto-generated method stub
WebResponse 
web=(WebResponse)requestCycle.getResponse();
OpenIDServer.associate(web, list);
}
public void detach(IRequestCycle requestCycle) {
// TODO Auto-generated method stub

}   
});


The first part of the code works (discovery) but when the consumer is
sending the association request to the provider (login page), the request
parameters are empty.

The logs are:

04/04/2012 17:44:03.297 4651 [qtp597295774-21] DEBUG
(org.openid4java.message.ParameterList.createFromKeyValueForm:198)  -
Creating parameter list from key-value form:

04/04/2012 17:44:03.298 4652 [qtp597295774-21] DEBUG
(org.openid4java.message.ParameterList.init:33)  - Created empty parameter
list.
04/04/2012 17:44:03.298 4652 [qtp597295774-21] DEBUG
(org.openid4java.message.ParameterList.copyOf:89)  - Copying parameter list:

openid4java creates a parameterlist from a keyvalueform but this is empty.

I have a feeling that the provider is not being sent the association request
because after this step, it goes to the authentication stage and the
requestparameters contain authentication info.

Is there another way to get the request parameters? Or is there something in
the code above that is interfering with the parameterlist request?


--
View this message in context: 
http://apache-wicket.1842946.n4.nabble.com/IRequestparameters-with-OpenID-tp4532565p4532565.html
Sent from the Users forum mailing list archive at Nabble.com.

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



TextTemplateResourceReference problem

2012-04-04 Thread Burton, Tom F (DOR)
Hello,

  I have a component(It displays a menu common across the pages of my
application.)

All the WebPages in my application inherit from BasePage which includes
the menu.

 

BasePage includes a component MainMenu, which creates a List of
Lists(that contain page links)

The Lists of lists are then wrapped inside of jQuerySlideMenu.

 

jQuerySlideMenu has the following method defined

renderHead(IHeaderResponse response) 

{

super.renderHead(response);

response

.renderCSSReference(new
PackageResourceReference(AppBasePage.class,

 
includes/css/jqueryslidemenu.css));

response

.renderCSSReference(new
PackageResourceReference(AppBasePage.class,

 
includes/css/printjqueryslidemenu.css), print);



MapString, Object arrows = new HashMapString, Object(2);

 

/*

 * TODO: look into Meta-inf staticing the resources (faster)

 * uses MetaInfStaticResourceReference

 * requires the files to be mounted under

 * /META-INF/resources in the final jar

 */

//TODO: look at finding a way to make sure it gets redone for every
page

PackageResourceReference down =

   new PackageResourceReference(AppBasePage.class,

includes/menu_down.gif);

PackageResourceReference right =

   new PackageResourceReference(AppBasePage.class,

includes/menu_right.gif);

  

   arrows.put(menu_down, urlFor(down, null));

   arrows.put(menu_right,   urlFor(right, null));

 

/* this works 

String prefix = getRequest().getContextPath() + /;

arrows.put(menu_down, prefix + urlFor(down, null));

arrows.put(menu_right, prefix + urlFor(right, null));

   */

 

//arrow model just implements IModel to pass arrows for getObject()

arrowModel model = new arrowModel(arrows); 

response.renderJavaScriptReference(

  new TextTemplateResourceReference(AppBasePage.class,

 
includes/javascript/jqueryslidemenu.js, model));

}

  

When I initially login it works great for /home,  or other
/mountedPageName pages, but if I follow a link to
/wicket/bookmarkable/full.class.name/?stuffhere  the images will not
display.  

 

It works if I prefix contextPath/ infront of the url.  But some of my
sites are behind a proxy, and I would like this to work there as well.

 

Thank you for any help,

Tom Burton

 

 



Re: What real life scenario calls for page ID?

2012-04-04 Thread Martin Grigorov
Hi Bertrand,

Did you verify that ? If yes and you have a quickstart then create a ticket.
There are no tickets from this discussion so far.

On Wed, Apr 4, 2012 at 6:31 PM, Bertrand Guay-Paquet
ber...@step.polymtl.ca wrote:
 Hi,

 Is there a JIRA issue tracking this render wrong page based on page
 version problem? I'm very interested in this issue since sharing links to
 stateful pages containing a page version is essentially broken.

 Regards,
 Bertrand


 On 20/03/2012 12:45 PM, Igor Vaynberg wrote:

 On Tue, Mar 20, 2012 at 8:52 AM, Martin Grigorovmgrigo...@apache.org
  wrote:

 On Tue, Mar 20, 2012 at 5:42 PM, Igor Vaynbergigor.vaynb...@gmail.com
  wrote:

 On Tue, Mar 20, 2012 at 8:28 AM, Martin Grigorovmgrigo...@apache.org
  wrote:

 On Tue, Mar 20, 2012 at 5:20 PM, Igor Vaynbergigor.vaynb...@gmail.com
  wrote:

 On Tue, Mar 20, 2012 at 1:07 AM, Martin Grigorovmgrigo...@apache.org
  wrote:

 On Tue, Mar 20, 2012 at 12:55 AM, Igor
 Vaynbergigor.vaynb...@gmail.com  wrote:

 indeed. we should check that the page pointed to by the id maps back
 to the mount, and create a new instance based on the mount if it
 doesnt. jira please.

 This is already the case, no need of a ticket for this. If there is
 no
 ?5 then Wicket creates ?0 and shows it.

 this is not what i was talking about...

 The problem Pointbreak actually mean is that userA may have opened
 ?5 in his session, copy the url and give it to
 userB, but userB also already have its own session and by chance he
 also had reached ?5 and these two ?5s are
 different because they may have different states for both users.

 not only are ?5 different, but they are entirely different pages.

 so user A goes to /foo, we redirect to /foo?0, they click around and
 end up on /foo?2
 user B goes to /bar, we redirect to /bar?0, they click around and end
 up on /bar?7

 now user A emails user B the /foo?2 link. when user B hits that link
 they end up going to a previous version of their *bar* page instead of
 some instance of /foo because we do not check the mount vs the page
 id, and whats worse we keep the mount in the url even though we are
 displaying a page that is not mounted.

 Ouch!

 i guess this is why in 1.4 we dropped the mount from nonbookmarkable
 urls...

 I hope you don't mean that we have to redirect to wicket/page?0 from
 the bookmarkable url that the user requested.

 no. we should redirect to wicket/page?x when the user navigates away
 from the mounted page.

 so i go to /bar which is BarPage and end up on /bar?0. click a link
 that does something to BarPage, so end up on /bar?1. click a link that
 takes me to FooPage, at this point since the page does not match the
 mount i should go to /wicket/page?3

 Currently it works just as you described it. Or I don't understand you
 well.
 A quickstart will make it more clear :-)

 My ouch was for something else - userA sends foo?5, but userB's ?5
 is for BarPage and current PageProvider will silently return BarPage's
 version5. It wont be FooPage!

 hrm. yes. in a cleanroom quickstart that is indeed how it works. in
 our prod app, for some reason, it just shows the other page on the old
 page's mount. i will have to dig into that in our code base.

 the quickstart does show what you have described above (showing the
 old version of the page instead of creating a new one), but it also
 does another interesting. when it redirects to the incorrect version
 of the other page it also uses wicket/bookmarkable url instead of the
 mount.

 so when i am on /bar?4 and change 4 to 2 which is a version of FooPage
 mounted on /foo i dont go to /foo?5 like i should, instead i go to
 /wicket/bookmarkable/FooPage?2

 -igor



 -igor

 It'd be better if we check the type of the stored page against the
 type of the page that is mounted at this bookmarkable url and throw
 PageExpiredException if they don't match.

 -igor




 The confusing part here is bookmarkable. Now imagine that there is
 no ?pageId in the url. userA clicks several Ajax links to get to
 version5 of that page and then copy/paste the url but userB will see
 the initial state of the page, not version5 that userA actually
 meant.
 So it seems only ?0 is actually bookmarkable for stateful pages.
 Only in this case both users will see the same content (if there is
 no
 special logic for user permissions involved).

 If userA wants to fully share his page with userB then he has to
 share
 his session too, i.e. both ?5 and jessionid= has to be in the pasted
 url. I don't recomment this!

 ?5 helps when the user refreshes the page in his current session. In
 this case he will see the same content as before the refresh. In 1.4
 he'd see the initial state of the page and will loose any state that
 is not persisted so far.


 -igor

 On Mon, Mar 19, 2012 at 3:52 PM, Pointbreak
 pointbreak+wicketst...@ml1.net  wrote:

 It's a problem when users bookmark it. Because ...?5 this session
 is an
 entirely other page as ...?5 in another session tomorrow.

 On 

Re: TextTemplateResourceReference problem

2012-04-04 Thread Martin Grigorov
Hi Tom,

Is ArrowModel and the TTRR recreated for for every page ? I guess the
answer is YES but I need to ask.
Please create a quickstart and attach it to Jira so we can take a look.

On Wed, Apr 4, 2012 at 9:18 PM, Burton, Tom F (DOR)
tom.bur...@alaska.gov wrote:
 Hello,

  I have a component(It displays a menu common across the pages of my
 application.)

 All the WebPages in my application inherit from BasePage which includes
 the menu.



 BasePage includes a component MainMenu, which creates a List of
 Lists(that contain page links)

 The Lists of lists are then wrapped inside of jQuerySlideMenu.



 jQuerySlideMenu has the following method defined

 renderHead(IHeaderResponse response)

 {

    super.renderHead(response);

    response

                .renderCSSReference(new
 PackageResourceReference(AppBasePage.class,


 includes/css/jqueryslidemenu.css));

    response

                .renderCSSReference(new
 PackageResourceReference(AppBasePage.class,


 includes/css/printjqueryslidemenu.css), print);



    MapString, Object arrows = new HashMapString, Object(2);



    /*

     * TODO: look into Meta-inf staticing the resources (faster)

     * uses MetaInfStaticResourceReference

     * requires the files to be mounted under

     * /META-INF/resources in the final jar

     */

    //TODO: look at finding a way to make sure it gets redone for every
 page

    PackageResourceReference down =

           new PackageResourceReference(AppBasePage.class,

                                        includes/menu_down.gif);

    PackageResourceReference right =

               new PackageResourceReference(AppBasePage.class,

                                            includes/menu_right.gif);



   arrows.put(menu_down, urlFor(down, null));

   arrows.put(menu_right,   urlFor(right, null));



    /* this works

    String prefix = getRequest().getContextPath() + /;

    arrows.put(menu_down, prefix + urlFor(down, null));

    arrows.put(menu_right, prefix + urlFor(right, null));

   */



    //arrow model just implements IModel to pass arrows for getObject()

    arrowModel model = new arrowModel(arrows);

    response.renderJavaScriptReference(

      new TextTemplateResourceReference(AppBasePage.class,


 includes/javascript/jqueryslidemenu.js, model));

 }



 When I initially login it works great for /home,  or other
 /mountedPageName pages, but if I follow a link to
 /wicket/bookmarkable/full.class.name/?stuffhere  the images will not
 display.



 It works if I prefix contextPath/ infront of the url.  But some of my
 sites are behind a proxy, and I would like this to work there as well.



 Thank you for any help,

 Tom Burton








-- 
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



RE: TextTemplateResourceReference problem

2012-04-04 Thread Burton, Tom F (DOR)
I'm not doing anything special to renderHead so it's getting called whatever 
the default is. 
(I thought every page, now I'm not so sure.)


arrowModel is just a private class on the Panel that looks like this:

private class arrowModel implements IModelMapString, Object
  {
  private MapString, Object map;

  arrowModel(MapString, Object map) { this.map = map; }

  /**
   * Gets the model object.
   *
   * @return The model object
   */
  public MapString, Object getObject() { return map; }

  /** Sets the model object.
   * @param object The model object
   */
  public void setObject(MapString, Object object) { }

  /**
   * Detaches model after use. This is generally used to null out transient
   * references that can be
   * re-attached later.
   */
  public void detach() { }
  }

I should probably mention I'm using Wicket 1.5.5

Thanks,
Tom Burton

-Original Message-
From: Martin Grigorov [mailto:mgrigo...@apache.org] 
Sent: Wednesday, April 04, 2012 11:48 AM
To: users@wicket.apache.org
Subject: Re: TextTemplateResourceReference problem

Hi Tom,

Is ArrowModel and the TTRR recreated for for every page ? I guess the answer is 
YES but I need to ask.
Please create a quickstart and attach it to Jira so we can take a look.

On Wed, Apr 4, 2012 at 9:18 PM, Burton, Tom F (DOR) tom.bur...@alaska.gov 
wrote:
 Hello,

  I have a component(It displays a menu common across the pages of my
 application.)

 All the WebPages in my application inherit from BasePage which 
 includes the menu.



 BasePage includes a component MainMenu, which creates a List of 
 Lists(that contain page links)

 The Lists of lists are then wrapped inside of jQuerySlideMenu.



 jQuerySlideMenu has the following method defined

 renderHead(IHeaderResponse response)

 {

    super.renderHead(response);

    response

                .renderCSSReference(new 
 PackageResourceReference(AppBasePage.class,


 includes/css/jqueryslidemenu.css));

    response

                .renderCSSReference(new 
 PackageResourceReference(AppBasePage.class,


 includes/css/printjqueryslidemenu.css), print);



    MapString, Object arrows = new HashMapString, Object(2);



    /*

     * TODO: look into Meta-inf staticing the resources (faster)

     * uses MetaInfStaticResourceReference

     * requires the files to be mounted under

     * /META-INF/resources in the final jar

     */

    //TODO: look at finding a way to make sure it gets redone for every 
 page

    PackageResourceReference down =

           new PackageResourceReference(AppBasePage.class,

                                        includes/menu_down.gif);

    PackageResourceReference right =

               new PackageResourceReference(AppBasePage.class,

                                            includes/menu_right.gif);



   arrows.put(menu_down, urlFor(down, null));

   arrows.put(menu_right,   urlFor(right, null));



    /* this works

    String prefix = getRequest().getContextPath() + /;

    arrows.put(menu_down, prefix + urlFor(down, null));

    arrows.put(menu_right, prefix + urlFor(right, null));

   */



    //arrow model just implements IModel to pass arrows for getObject()

    arrowModel model = new arrowModel(arrows);

    response.renderJavaScriptReference(

      new TextTemplateResourceReference(AppBasePage.class,


 includes/javascript/jqueryslidemenu.js, model));

 }



 When I initially login it works great for /home,  or other 
 /mountedPageName pages, but if I follow a link to 
 /wicket/bookmarkable/full.class.name/?stuffhere  the images will not 
 display.



 It works if I prefix contextPath/ infront of the url.  But some of my 
 sites are behind a proxy, and I would like this to work there as well.



 Thank you for any help,

 Tom Burton








--
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com



RE: TextTemplateResourceReference problem

2012-04-04 Thread Burton, Tom F (DOR)
Per you're instructions I've opened a ticket in JIRA.

WICKET-4487

-Original Message-
From: Martin Grigorov [mailto:mgrigo...@apache.org] 
Sent: Wednesday, April 04, 2012 11:48 AM
To: users@wicket.apache.org
Subject: Re: TextTemplateResourceReference problem

Hi Tom,

Is ArrowModel and the TTRR recreated for for every page ? I guess the answer is 
YES but I need to ask.
Please create a quickstart and attach it to Jira so we can take a look.

On Wed, Apr 4, 2012 at 9:18 PM, Burton, Tom F (DOR) tom.bur...@alaska.gov 
wrote:
 Hello,

  I have a component(It displays a menu common across the pages of my
 application.)

 All the WebPages in my application inherit from BasePage which 
 includes the menu.



 BasePage includes a component MainMenu, which creates a List of 
 Lists(that contain page links)

 The Lists of lists are then wrapped inside of jQuerySlideMenu.



 jQuerySlideMenu has the following method defined

 renderHead(IHeaderResponse response)

 {

    super.renderHead(response);

    response

                .renderCSSReference(new 
 PackageResourceReference(AppBasePage.class,


 includes/css/jqueryslidemenu.css));

    response

                .renderCSSReference(new 
 PackageResourceReference(AppBasePage.class,


 includes/css/printjqueryslidemenu.css), print);



    MapString, Object arrows = new HashMapString, Object(2);



    /*

     * TODO: look into Meta-inf staticing the resources (faster)

     * uses MetaInfStaticResourceReference

     * requires the files to be mounted under

     * /META-INF/resources in the final jar

     */

    //TODO: look at finding a way to make sure it gets redone for every 
 page

    PackageResourceReference down =

           new PackageResourceReference(AppBasePage.class,

                                        includes/menu_down.gif);

    PackageResourceReference right =

               new PackageResourceReference(AppBasePage.class,

                                            includes/menu_right.gif);



   arrows.put(menu_down, urlFor(down, null));

   arrows.put(menu_right,   urlFor(right, null));



    /* this works

    String prefix = getRequest().getContextPath() + /;

    arrows.put(menu_down, prefix + urlFor(down, null));

    arrows.put(menu_right, prefix + urlFor(right, null));

   */



    //arrow model just implements IModel to pass arrows for getObject()

    arrowModel model = new arrowModel(arrows);

    response.renderJavaScriptReference(

      new TextTemplateResourceReference(AppBasePage.class,


 includes/javascript/jqueryslidemenu.js, model));

 }



 When I initially login it works great for /home,  or other 
 /mountedPageName pages, but if I follow a link to 
 /wicket/bookmarkable/full.class.name/?stuffhere  the images will not 
 display.



 It works if I prefix contextPath/ infront of the url.  But some of my 
 sites are behind a proxy, and I would like this to work there as well.



 Thank you for any help,

 Tom Burton








--
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com



Re: Wicket Application on GoDaddy

2012-04-04 Thread Jeremy Thomerson
On Wed, Apr 4, 2012 at 1:49 AM, Satrix satrix...@gmail.com wrote:

 Yes. I know that I can redirect all requests but the question is how to
 deploy Java Web App on their hosting because there is something like
 Parallels Panel and you have to upload your WAR file and the files are
 generated (cant edit them by hand).

 That's why my application is available under
 www.domain.com/warfilename/home
 My context.xml file in the application has path= so it should start on
 default path


It's a GoDaddy hosting-related question, not Wicket.  Maybe someone here
has done it before, but as someone upthread mentioned you'll really just
have to search GoDaddy tech docs or contact their support for further help.

-- 
Jeremy Thomerson
http://wickettraining.com
*Need a CMS for Wicket?  Use Brix! http://brixcms.org*


Inserting String/Date problem .

2012-04-04 Thread SudeepShakya
I have two textboxes which take dates using datepicker(I have set Date.class
in the Textbox also) and a dropdown choice which takes 'telecom' and I have
getters and setters for all of them. I have set all of them as String. And
the query  and code for doing the operation for selecting the data is below
:

String query = SELECT * FROM tbl_vote INNER JOIN tbl_contestant WHERE ( (
(tbl_vote.tokenID = tbl_contestant.tokenID) AND tbl_vote.telecom = ?)  AND
(date_time = ? AND date_time = ?));

 PreparedStatement statement = this.db.prepareStatement(query);
  statement.setString(1, aVote.getTelecom());
   statement.setString(2,aVote.getDate1());
  statement.setString(3, aVote.getDate2());  

The datepicker sets the date in format 4/5/12 (dd/mm/yy) but I know that
mySql use the format -mm-dd. So when i enter the dates and the other
field, the data is not retrieved.
So how to set date to the database ? I have set Date field as 'datetime' in
database.
Is there some wrong logic in my code/query ?

--
View this message in context: 
http://apache-wicket.1842946.n4.nabble.com/Inserting-String-Date-problem-tp4534005p4534005.html
Sent from the Users forum mailing list archive at Nabble.com.

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



Re: Wicket Application on GoDaddy

2012-04-04 Thread Satrix
Yeah, You are right about that it's GoDaddy's problem. Their support couldn't
help me with it... But my collegue who's managing this hosting finally did
it.

--
View this message in context: 
http://apache-wicket.1842946.n4.nabble.com/Wicket-Application-on-GoDaddy-tp4529071p4534008.html
Sent from the Users forum mailing list archive at Nabble.com.

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



Re: Inserting String/Date problem .

2012-04-04 Thread SudeepShakya
Hello, is there anyone ??

--
View this message in context: 
http://apache-wicket.1842946.n4.nabble.com/Inserting-String-Date-problem-tp4534005p4534020.html
Sent from the Users forum mailing list archive at Nabble.com.

-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org



Re: What real life scenario calls for page ID?

2012-04-04 Thread Bertrand Guay-Paquet

I reproduced the issue in the quickstart attached to WICKET-4488.

On 04/04/2012 3:44 PM, Martin Grigorov wrote:

Hi Bertrand,

Did you verify that ? If yes and you have a quickstart then create a ticket.
There are no tickets from this discussion so far.

On Wed, Apr 4, 2012 at 6:31 PM, Bertrand Guay-Paquet
ber...@step.polymtl.ca  wrote:

Hi,

Is there a JIRA issue tracking this render wrong page based on page
version problem? I'm very interested in this issue since sharing links to
stateful pages containing a page version is essentially broken.

Regards,
Bertrand


On 20/03/2012 12:45 PM, Igor Vaynberg wrote:

On Tue, Mar 20, 2012 at 8:52 AM, Martin Grigorovmgrigo...@apache.org
  wrote:

On Tue, Mar 20, 2012 at 5:42 PM, Igor Vaynbergigor.vaynb...@gmail.com
  wrote:

On Tue, Mar 20, 2012 at 8:28 AM, Martin Grigorovmgrigo...@apache.org
  wrote:

On Tue, Mar 20, 2012 at 5:20 PM, Igor Vaynbergigor.vaynb...@gmail.com
  wrote:

On Tue, Mar 20, 2012 at 1:07 AM, Martin Grigorovmgrigo...@apache.org
  wrote:

On Tue, Mar 20, 2012 at 12:55 AM, Igor
Vaynbergigor.vaynb...@gmail.comwrote:

indeed. we should check that the page pointed to by the id maps back
to the mount, and create a new instance based on the mount if it
doesnt. jira please.

This is already the case, no need of a ticket for this. If there is
no
?5 then Wicket creates ?0 and shows it.

this is not what i was talking about...


The problem Pointbreak actually mean is that userA may have opened
?5 in his session, copy the url and give it to
userB, but userB also already have its own session and by chance he
also had reached ?5 and these two ?5s are
different because they may have different states for both users.

not only are ?5 different, but they are entirely different pages.

so user A goes to /foo, we redirect to /foo?0, they click around and
end up on /foo?2
user B goes to /bar, we redirect to /bar?0, they click around and end
up on /bar?7

now user A emails user B the /foo?2 link. when user B hits that link
they end up going to a previous version of their *bar* page instead of
some instance of /foo because we do not check the mount vs the page
id, and whats worse we keep the mount in the url even though we are
displaying a page that is not mounted.

Ouch!


i guess this is why in 1.4 we dropped the mount from nonbookmarkable
urls...

I hope you don't mean that we have to redirect to wicket/page?0 from
the bookmarkable url that the user requested.

no. we should redirect to wicket/page?x when the user navigates away
from the mounted page.

so i go to /bar which is BarPage and end up on /bar?0. click a link
that does something to BarPage, so end up on /bar?1. click a link that
takes me to FooPage, at this point since the page does not match the
mount i should go to /wicket/page?3

Currently it works just as you described it. Or I don't understand you
well.
A quickstart will make it more clear :-)

My ouch was for something else - userA sends foo?5, but userB's ?5
is for BarPage and current PageProvider will silently return BarPage's
version5. It wont be FooPage!

hrm. yes. in a cleanroom quickstart that is indeed how it works. in
our prod app, for some reason, it just shows the other page on the old
page's mount. i will have to dig into that in our code base.

the quickstart does show what you have described above (showing the
old version of the page instead of creating a new one), but it also
does another interesting. when it redirects to the incorrect version
of the other page it also uses wicket/bookmarkable url instead of the
mount.

so when i am on /bar?4 and change 4 to 2 which is a version of FooPage
mounted on /foo i dont go to /foo?5 like i should, instead i go to
/wicket/bookmarkable/FooPage?2

-igor




-igor


It'd be better if we check the type of the stored page against the
type of the page that is mounted at this bookmarkable url and throw
PageExpiredException if they don't match.


-igor





The confusing part here is bookmarkable. Now imagine that there is
no ?pageId in the url. userA clicks several Ajax links to get to
version5 of that page and then copy/paste the url but userB will see
the initial state of the page, not version5 that userA actually
meant.
So it seems only ?0 is actually bookmarkable for stateful pages.
Only in this case both users will see the same content (if there is
no
special logic for user permissions involved).

If userA wants to fully share his page with userB then he has to
share
his session too, i.e. both ?5 and jessionid= has to be in the pasted
url. I don't recomment this!

?5 helps when the user refreshes the page in his current session. In
this case he will see the same content as before the refresh. In 1.4
he'd see the initial state of the page and will loose any state that
is not persisted so far.



-igor

On Mon, Mar 19, 2012 at 3:52 PM, Pointbreak
pointbreak+wicketst...@ml1.netwrote:

It's a problem when users bookmark it. Because ...?5 this session
is an
entirely other page as ...?5 in