I am currently working on an integration of SSL into our wicket
application. If pages are accessed, which are annotated with
@RequireHttps wicket correctly switches to SSL. This is achieved by adding:
/**
* Returns a HTTPS request cycle processor, if necessary
*/
@Override
protected IRequestCycleProcessor newRequestCycleProcessor()
{
return new HttpsRequestCycleProcessor(getHttpsConfig())
{
@Override
protected IRequestTarget checkSecureIncoming(IRequestTarget
target)
{
return super.checkSecureIncoming(target);
}
@Override
protected IRequestTarget checkSecureOutgoing(IRequestTarget
target)
{
return super.checkSecureOutgoing(target);
}
};
}
to the application class (as also indicated by the wicket wiki). Ok -
everything fine so far.
Now the next requirement is to always stay in SSL mode, if the user is
logged in. I thought about extending the methods above and add logic
such as
@Override
protected IRequestTarget checkSecureIncoming(IRequestTarget
target)
{
if (userisLoggedIn) {
return
SwitchProtocolRequestTarget.requireProtocol(Protocol.HTTPS);
}
return super.checkSecureIncoming(target);
}
However, I cannot access the SwitchProtocolRequestTarget class, because
it is not defined as public.
What would you suggest in this case? Make a local copy of the class
(which would work). However, that does not seem to be nice Java coding
to me.
I was wondering what the other members of the mailing list think about it.
Kind regards
Philipp
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org