Re: HttpsMapper with Apache Virtual Host Appending the Wrong Path
ample I found in wicket examples:
1) the authorization strategy
getSecuritySettings().setAuthorizationStrategy(new
IAuthorizationStrategy()
{
@Override
public boolean
isInstantiationAuthorized(Class componentClass)
{
if
(AuthenticatedWebPage.class.isAssignableFrom(componentClass))
{
if (ApiAuthenticatedWebSession.get().isSignedIn())
return true;
throw new RestartResponseAtInterceptPageException(new
LoginPage());
}
return true;
}
@Override
public boolean isActionAuthorized(Component component, Action
action)
{
return true;
}
});
2) I have every page needing login.
3) I've got the login page mounted as /login and @RequireHttps on it.
4) In the onsubmit of the the login form I'm calling
continueToOriginalDestination();
That's my setup, My attempt was to override createRedirectUrl in
HttpsMapper so that it looks like this:
@Override
protected String createRedirectUrl(IRequestHandler handler, Request
request, Scheme scheme)
{
return StringUtils.remove(super.createRedirectUrl(handler,
request, scheme), "/documentation");
}
This works as long as I go to http://myserver.com/login and it will
correctly redirect to https://myserver.com/login rather than
https://myserver.com/documentation/login like it did before.
However, if I go to http://myserver.com/ (the home page which
redirects to the login page as part of the authorization strategy)
it goes to https://myserver.com/documentation/login. Also if I go
straight to the login page, login successfully, it will redirect to
http://myserver.com/documentation what it thinks is the home page.
I looked at the code in RestartResponseAtInterceptPageException and
I'm thinking this code could be the culprit:
static void continueToOriginalDestination()
{
InterceptData data = InterceptData.get();
if (data != null)
{
data.continueOk = true;
String url =
RequestCycle.get().getUrlRenderer().renderUrl(data.originalUrl);
RequestCycle.get().replaceAllRequestHandlers(new
RedirectRequestHandler(url)); <-- that's probably it
}
}
I also noticed when debugging, that if I go to http://myserver.com,
it never gets to the HttpsMapper#createRedirectUrl method probably
because of the code above. Of course, everything above works
perfect when I'm running it in WebLogic by itself with no Apache
Proxy in front of it.
I know what I wrote is not the best solution, but I'm really not
sure there's any other way based on how the Weblogic Apache plugin
works.
Thanks in advance for any help.
Tim
On 1/11/13 5:01 PM, vp143 wrote:
Hi Tim,
I do not use Weblogic but I do use Jboss.
Your problem sounds familar (but not exactly the same).
Take a look at my resolution here:
http://apache-wicket.1842946.n4.nabble.com/Configure-http-and-https-with-apache-and-jboss-td3633546.html
and try and apply it to Weblogic.
Regards
Vishal
--
View this message in context:
http://apache-wicket.1842946.n4.nabble.com/HttpsMapper-with-Apache-Virtual-Host-Appending-the-Wrong-Path-tp4655303p4655311.html
Sent from the Users forum mailing list archive at Nabble.com.
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
Re: HttpsMapper with Apache Virtual Host Appending the Wrong Path
inalDestination();
That's my setup, My attempt was to override createRedirectUrl in
HttpsMapper so that it looks like this:
@Override
protected String createRedirectUrl(IRequestHandler handler, Request
request, Scheme scheme)
{
return StringUtils.remove(super.createRedirectUrl(handler,
request, scheme), "/documentation");
}
This works as long as I go to http://myserver.com/login and it will
correctly redirect to https://myserver.com/login rather than
https://myserver.com/documentation/login like it did before.
However, if I go to http://myserver.com/ (the home page which
redirects to the login page as part of the authorization strategy)
it goes to https://myserver.com/documentation/login. Also if I go
straight to the login page, login successfully, it will redirect to
http://myserver.com/documentation what it thinks is the home page.
I looked at the code in RestartResponseAtInterceptPageException and
I'm thinking this code could be the culprit:
static void continueToOriginalDestination()
{
InterceptData data = InterceptData.get();
if (data != null)
{
data.continueOk = true;
String url =
RequestCycle.get().getUrlRenderer().renderUrl(data.originalUrl);
RequestCycle.get().replaceAllRequestHandlers(new
RedirectRequestHandler(url)); <-- that's probably it
}
}
I also noticed when debugging, that if I go to http://myserver.com,
it never gets to the HttpsMapper#createRedirectUrl method probably
because of the code above. Of course, everything above works
perfect when I'm running it in WebLogic by itself with no Apache
Proxy in front of it.
I know what I wrote is not the best solution, but I'm really not
sure there's any other way based on how the Weblogic Apache plugin
works.
Thanks in advance for any help.
Tim
On 1/11/13 5:01 PM, vp143 wrote:
Hi Tim,
I do not use Weblogic but I do use Jboss.
Your problem sounds familar (but not exactly the same).
Take a look at my resolution here:
http://apache-wicket.1842946.n4.nabble.com/Configure-http-and-https-with-apache-and-jboss-td3633546.html
and try and apply it to Weblogic.
Regards
Vishal
--
View this message in context:
http://apache-wicket.1842946.n4.nabble.com/HttpsMapper-with-Apache-Virtual-Host-Appending-the-Wrong-Path-tp4655303p4655311.html
Sent from the Users forum mailing list archive at Nabble.com.
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
Re: HttpsMapper with Apache Virtual Host Appending the Wrong Path
ntinueToOriginalDestination()
{
InterceptData data = InterceptData.get();
if (data != null)
{
data.continueOk = true;
String url =
RequestCycle.get().getUrlRenderer().renderUrl(data.originalUrl);
RequestCycle.get().replaceAllRequestHandlers(new
RedirectRequestHandler(url)); <-- that's probably it
}
}
I also noticed when debugging, that if I go to http://myserver.com,
it never gets to the HttpsMapper#createRedirectUrl method probably
because of the code above. Of course, everything above works
perfect when I'm running it in WebLogic by itself with no Apache
Proxy in front of it.
I know what I wrote is not the best solution, but I'm really not sure
there's any other way based on how the Weblogic Apache plugin works.
Thanks in advance for any help.
Tim
On 1/11/13 5:01 PM, vp143 wrote:
Hi Tim,
I do not use Weblogic but I do use Jboss.
Your problem sounds familar (but not exactly the same).
Take a look at my resolution here:
http://apache-wicket.1842946.n4.nabble.com/Configure-http-and-https-with-apache-and-jboss-td3633546.html
and try and apply it to Weblogic.
Regards
Vishal
--
View this message in context:
http://apache-wicket.1842946.n4.nabble.com/HttpsMapper-with-Apache-Virtual-Host-Appending-the-Wrong-Path-tp4655303p4655311.html
Sent from the Users forum mailing list archive at Nabble.com.
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
Re: HttpsMapper with Apache Virtual Host Appending the Wrong Path
First the good news, I was able to get it to work by deploying the
application in the root context. Once I did that, everything worked the
way it should, paged switched from http to https with no problem. The
bad news is that deploying it as / not an option. I've tried overriding
createRedirectUrl to strip out the context in the url in HttpsMapper,
but that only works part of the time. For example, when I put the
@RequireHttps annotation on a page, and have logged in, when I click a
link to it /documentation is added to the URL, which tells me it's more
of a problem than just HttpsMapper. Perhaps it's a problem with the
delegate mapper as well. The fact that it works correctly when deployed
as the root context tells me there's got to be a better way to fix it.
Anyway, I was wondering if anyone had any ideas as to where to start
looking. It would be nice if there was a way to tell the wicket
application that "even though I'm deployed at '/myapp', I'm actually
behind a proxy and my context is '/'" That would really solve the problem.
I was thinking of creating a JIRA ticket or feature request for this.
Any thoughts?
Tim
On 1/17/13 3:04 PM, Tim Urberg wrote:
Ok, I'm making *some* progress (if you can call it that). First of
all, here's more about my setup. I'm using wicket-auth-roles for
authentication and I have this set up in my WebApplication.class based
on an example I found in wicket examples:
1) the authorization strategy
getSecuritySettings().setAuthorizationStrategy(new
IAuthorizationStrategy()
{
@Override
public boolean
isInstantiationAuthorized(Class componentClass)
{
if (AuthenticatedWebPage.class.isAssignableFrom(componentClass))
{
if (ApiAuthenticatedWebSession.get().isSignedIn())
return true;
throw new RestartResponseAtInterceptPageException(new
LoginPage());
}
return true;
}
@Override
public boolean isActionAuthorized(Component component, Action action)
{
return true;
}
});
2) I have every page needing login.
3) I've got the login page mounted as /login and @RequireHttps on it.
4) In the onsubmit of the the login form I'm calling
continueToOriginalDestination();
That's my setup, My attempt was to override createRedirectUrl in
HttpsMapper so that it looks like this:
@Override
protected String createRedirectUrl(IRequestHandler handler, Request
request, Scheme scheme)
{
return StringUtils.remove(super.createRedirectUrl(handler,
request, scheme), "/documentation");
}
This works as long as I go to http://myserver.com/login and it will
correctly redirect to https://myserver.com/login rather than
https://myserver.com/documentation/login like it did before. However,
if I go to http://myserver.com/ (the home page which redirects to the
login page as part of the authorization strategy) it goes to
https://myserver.com/documentation/login. Also if I go straight to
the login page, login successfully, it will redirect to
http://myserver.com/documentation what it thinks is the home page.
I looked at the code in RestartResponseAtInterceptPageException and
I'm thinking this code could be the culprit:
static void continueToOriginalDestination()
{
InterceptData data = InterceptData.get();
if (data != null)
{
data.continueOk = true;
String url =
RequestCycle.get().getUrlRenderer().renderUrl(data.originalUrl);
RequestCycle.get().replaceAllRequestHandlers(new
RedirectRequestHandler(url)); <-- that's probably it
}
}
I also noticed when debugging, that if I go to http://myserver.com, it
never gets to the HttpsMapper#createRedirectUrl method probably
because of the code above. Of course, everything above works perfect
when I'm running it in WebLogic by itself with no Apache Proxy in
front of it.
I know what I wrote is not the best solution, but I'm really not sure
there's any other way based on how the Weblogic Apache plugin works.
Thanks in advance for any help.
Tim
On 1/11/13 5:01 PM, vp143 wrote:
Hi Tim,
I do not use Weblogic but I do use Jboss.
Your problem sounds familar (but not exactly the same).
Take a look at my resolution here:
http://apache-wicket.1842946.n4.nabble.com/Configure-http-and-https-with-apache-and-jboss-td3633546.html
and try and apply it to Weblogic.
Regards
Vishal
--
View this message in context:
http://apache-wicket.1842946.n4.nabble.com/HttpsMapper-with-Apache-Virtual-Host-Appending-the-Wrong-Path-tp4655303p4655311.html
Sent from the Users forum mailing list archive at Nabble.com.
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
Re: HttpsMapper with Apache Virtual Host Appending the Wrong Path
Ok, I'm making *some* progress (if you can call it that). First of all,
here's more about my setup. I'm using wicket-auth-roles for
authentication and I have this set up in my WebApplication.class based
on an example I found in wicket examples:
1) the authorization strategy
getSecuritySettings().setAuthorizationStrategy(new IAuthorizationStrategy()
{
@Override
public boolean
isInstantiationAuthorized(Class componentClass)
{
if (AuthenticatedWebPage.class.isAssignableFrom(componentClass))
{
if (ApiAuthenticatedWebSession.get().isSignedIn())
return true;
throw new RestartResponseAtInterceptPageException(new
LoginPage());
}
return true;
}
@Override
public boolean isActionAuthorized(Component component, Action action)
{
return true;
}
});
2) I have every page needing login.
3) I've got the login page mounted as /login and @RequireHttps on it.
4) In the onsubmit of the the login form I'm calling
continueToOriginalDestination();
That's my setup, My attempt was to override createRedirectUrl in
HttpsMapper so that it looks like this:
@Override
protected String createRedirectUrl(IRequestHandler handler, Request
request, Scheme scheme)
{
return StringUtils.remove(super.createRedirectUrl(handler, request,
scheme), "/documentation");
}
This works as long as I go to http://myserver.com/login and it will
correctly redirect to https://myserver.com/login rather than
https://myserver.com/documentation/login like it did before. However, if
I go to http://myserver.com/ (the home page which redirects to the login
page as part of the authorization strategy) it goes to
https://myserver.com/documentation/login. Also if I go straight to the
login page, login successfully, it will redirect to
http://myserver.com/documentation what it thinks is the home page.
I looked at the code in RestartResponseAtInterceptPageException and I'm
thinking this code could be the culprit:
static void continueToOriginalDestination()
{
InterceptData data = InterceptData.get();
if (data != null)
{
data.continueOk = true;
String url =
RequestCycle.get().getUrlRenderer().renderUrl(data.originalUrl);
RequestCycle.get().replaceAllRequestHandlers(new
RedirectRequestHandler(url)); <-- that's probably it
}
}
I also noticed when debugging, that if I go to http://myserver.com, it
never gets to the HttpsMapper#createRedirectUrl method probably because
of the code above. Of course, everything above works perfect when I'm
running it in WebLogic by itself with no Apache Proxy in front of it.
I know what I wrote is not the best solution, but I'm really not sure
there's any other way based on how the Weblogic Apache plugin works.
Thanks in advance for any help.
Tim
On 1/11/13 5:01 PM, vp143 wrote:
Hi Tim,
I do not use Weblogic but I do use Jboss.
Your problem sounds familar (but not exactly the same).
Take a look at my resolution here:
http://apache-wicket.1842946.n4.nabble.com/Configure-http-and-https-with-apache-and-jboss-td3633546.html
and try and apply it to Weblogic.
Regards
Vishal
--
View this message in context:
http://apache-wicket.1842946.n4.nabble.com/HttpsMapper-with-Apache-Virtual-Host-Appending-the-Wrong-Path-tp4655303p4655311.html
Sent from the Users forum mailing list archive at Nabble.com.
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
Re: HttpsMapper with Apache Virtual Host Appending the Wrong Path
Hi Vishal, Thanks for sending this. I looked into it and the Weblogic HTTP Server plugin uses a different mechanism than the solution you posted. I'm going to have to look into it further. If anyone else has experience with the Weblogic plugin, your help would be appreciated (even if it was a non-Wicket case). Otherwise, it's something that will be on my list of things to look into down the road. Thanks, Tim On 1/11/13 5:01 PM, vp143 wrote: Hi Tim, I do not use Weblogic but I do use Jboss. Your problem sounds familar (but not exactly the same). Take a look at my resolution here: http://apache-wicket.1842946.n4.nabble.com/Configure-http-and-https-with-apache-and-jboss-td3633546.html and try and apply it to Weblogic. Regards Vishal -- View this message in context: http://apache-wicket.1842946.n4.nabble.com/HttpsMapper-with-Apache-Virtual-Host-Appending-the-Wrong-Path-tp4655303p4655311.html Sent from the Users forum mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
HttpsMapper with Apache Virtual Host Appending the Wrong Path
I using Wicket 6.4.0 and am deploying to WebLogic server version
10.3.5.0 I have set up a simple HttpsMapper in my WebApplication like this:
@Override
public void init()
{
...
setRootRequestMapper(new HttpsMapper(getRootRequestMapper(),
new HttpsConfig()));
}
I have a login page with the @RequireHttps annotation on it (set up with
Wicket Auth Roles). Everything works great when I deploy it to Weblogic
by itself. The problem comes in when the application sits behind Apache
using the Weblogic Apache Plugin
(http://docs.oracle.com/cd/E11035_01/wls100/plugins/apache.html). When
it tries to do the switch to https, it appends the weblogic context root
to the end of the path. So here's how it looks:
Weblogic Only (no problem):
Non-ssl - http://myserver.mycompany.com/documentation
after ssl switch - https://myserver.mycompany.com/documentation
Apache in front of weblogic
Non-ssl: http://documentation.mycompany.com
After ssl switch: https://documentation.mycompany.com/documentation <--
appends /documentation on the end
So then we get a 404. Here's what the Apache config snippets look like:
ServerName documentation.mycompany.com
