Re: CryptedUrlWebRequestCodingStrategy and bookmarkable urls
Hi,
I haven't used 1.4 for 2 years now... I cannot say what is wrong and
how to achieve what you need there.
I just showed you how to do that in Wicket 1.5. Use it if you can
upgrade to 1.5 soon.
On Fri, Mar 23, 2012 at 12:05 PM, brazz wrote:
> Thanks Martin for your reply!
>
> So what i understand is:
>
> using:
>
> *@Override
> protected IRequestCycleProcessor newRequestCycleProcessor() {
> return new WebRequestCycleProcessor()
> {
> protected IRequestCodingStrategy newRequestCodingStrategy()
> {
> return new CryptedUrlWebRequestCodingStrategy(new
> WebRequestCodingStrategy());
> }
> };
> } *
>
> in combination with:
>
> new ClassCryptFactory(*NoCrypt.class*,*
> ISecuritySettings.DEFAULT_ENCRYPTION_KEY*));
>
> will work for wicket 1.4 as long as don't need a custom Crypt-Factory.
>
> Is that correct?
>
>
>
>
> --
> View this message in context:
> http://apache-wicket.1842946.n4.nabble.com/CryptedUrlWebRequestCodingStrategy-and-bookmarkable-urls-tp4498153p4498328.html
> Sent from the Users forum mailing list archive at Nabble.com.
>
> -
> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
> For additional commands, e-mail: users-h...@wicket.apache.org
>
--
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
Re: CryptedUrlWebRequestCodingStrategy and bookmarkable urls
Thanks Martin for your reply!
So what i understand is:
using:
*@Override
protected IRequestCycleProcessor newRequestCycleProcessor() {
return new WebRequestCycleProcessor()
{
protected IRequestCodingStrategy newRequestCodingStrategy()
{
return new CryptedUrlWebRequestCodingStrategy(new
WebRequestCodingStrategy());
}
};
} *
in combination with:
new ClassCryptFactory(*NoCrypt.class*,*
ISecuritySettings.DEFAULT_ENCRYPTION_KEY*));
will work for wicket 1.4 as long as don't need a custom Crypt-Factory.
Is that correct?
--
View this message in context:
http://apache-wicket.1842946.n4.nabble.com/CryptedUrlWebRequestCodingStrategy-and-bookmarkable-urls-tp4498153p4498328.html
Sent from the Users forum mailing list archive at Nabble.com.
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
Re: CryptedUrlWebRequestCodingStrategy and bookmarkable urls
Hi,
At https://issues.apache.org/jira/browse/WICKET-4140 there is a
attachment that does this for Wicket 1.5+.
On Fri, Mar 23, 2012 at 10:42 AM, brazz wrote:
> Hi,
>
> i want to encrypt my urls except the bookmarkable ones.
>
> my bookmarkable pages are mounted in the contructor of my Application class.
>
> In my Application class i have this code (copied from wicket wiki page):
>
> @Override
> protected IRequestCycleProcessor newRequestCycleProcessor() {
> return new WebRequestCycleProcessor()
> {
> protected IRequestCodingStrategy
> newRequestCodingStrategy()
> {
> return new
> CryptedUrlWebRequestCodingStrategy(new
> WebRequestCodingStrategy());
> }
> };
> }
>
> When i leave it like this, the bookmarkable pages are still bookmarkable,
> but when i also set a crypt factory in my Application class, the
> bookmarkable pages are not bookmarkable any more:
>
> @Override
> protected void init() {
> getSecuritySettings().setCryptFactory(
> new
> ClassCryptFactory(KeyInSessionSunJceCryptFactory.class,
> ISecuritySettings.DEFAULT_ENCRYPTION_KEY));
> }
>
> The comment of class "CryptedUrlWebRequestCodingStrategy" says that
> bookmarkable pages created during sessions will be not bookmarkable any
> more, but this isn't the case with my bookmarkable pages, because my mounts
> are set in my Application class.
>
> *Note:* The usage of the default {@link KeyInSessionSunJceCryptFactory} will
> also make all
> * bookmarkable urls generated during the user's session non-bookmarkable
> because they will be
> * encrypted using a session-relative encryption key; however, bookmarkable
> urls are still available
> * through their mounts.
> *
>
> Thanks for any ideas.
>
> --
> View this message in context:
> http://apache-wicket.1842946.n4.nabble.com/CryptedUrlWebRequestCodingStrategy-and-bookmarkable-urls-tp4498153p4498153.html
> Sent from the Users forum mailing list archive at Nabble.com.
>
> -
> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
> For additional commands, e-mail: users-h...@wicket.apache.org
>
--
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
CryptedUrlWebRequestCodingStrategy and bookmarkable urls
Hi,
i want to encrypt my urls except the bookmarkable ones.
my bookmarkable pages are mounted in the contructor of my Application class.
In my Application class i have this code (copied from wicket wiki page):
@Override
protected IRequestCycleProcessor newRequestCycleProcessor() {
return new WebRequestCycleProcessor()
{
protected IRequestCodingStrategy
newRequestCodingStrategy()
{
return new
CryptedUrlWebRequestCodingStrategy(new
WebRequestCodingStrategy());
}
};
}
When i leave it like this, the bookmarkable pages are still bookmarkable,
but when i also set a crypt factory in my Application class, the
bookmarkable pages are not bookmarkable any more:
@Override
protected void init() {
getSecuritySettings().setCryptFactory(
new
ClassCryptFactory(KeyInSessionSunJceCryptFactory.class,
ISecuritySettings.DEFAULT_ENCRYPTION_KEY));
}
The comment of class "CryptedUrlWebRequestCodingStrategy" says that
bookmarkable pages created during sessions will be not bookmarkable any
more, but this isn't the case with my bookmarkable pages, because my mounts
are set in my Application class.
*Note:* The usage of the default {@link KeyInSessionSunJceCryptFactory} will
also make all
* bookmarkable urls generated during the user's session non-bookmarkable
because they will be
* encrypted using a session-relative encryption key; however, bookmarkable
urls are still available
* through their mounts.
*
Thanks for any ideas.
--
View this message in context:
http://apache-wicket.1842946.n4.nabble.com/CryptedUrlWebRequestCodingStrategy-and-bookmarkable-urls-tp4498153p4498153.html
Sent from the Users forum mailing list archive at Nabble.com.
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
