Re: @SSLRequired
maybe this is of use:
http://cwiki.apache.org/WICKET/how-to-switch-to-ssl-mode.html
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 10:48 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
I'm implement an SSL scheme using annotations and I'm having some issues
with redirecting properly.
The issue is when I have non-secured page that redirects to a secured page.
I'm doing the https/http redirecting inside of a WebRequestCycleProcessor,
which works well unless there is a redirect prior to the ssl redirect. If
this happens then I redirect back to the top of the chain, because I'm using
the HttpServletRequest to build the url, which returns url info based on the
orginal request. I've been looking all around and I can't find any way of
building a url that represents the last redirect. I've tried
Application.get().getRequestCycleProcessor().getRequestCodingStrategy().pathForTarget(requestTarget);
and
RequestCycle.get().urlFor(requestTarget)
Here's my current impl for The RequestCycleProcessor.
WebRequest webRequest = (WebRequest) requestCycle .getRequest();
WebResponse webResponse = (WebResponse) requestCycle .getResponse();
HttpServletRequest httpServletRequest =
webRequest.getHttpServletRequest();
StringBuffer url = new StringBuffer(protocol);
url.append(httpServletRequest.getServerName());
if(defaultPort != port){
url.append(: + port);
}
url.append(webRequest.getHttpServletRequest().getContextPath());
url.append(webRequest.getServletPath());
String queryString =
webRequest.getHttpServletRequest().getQueryString();
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
RE: @SSLRequired
That's where I got my code..
I'm hitting 2 issues
1) The ssl detection/redirect isn't happening till the end of the chain and
when it redirects it redirects back to the top.
Ie. Page 1 is not secure, Page 2 is secure. Page one redirects to Page
2.
If you go to page 1 then it attempts to redirect to page2 and then wicket
redirects to Page 1 with https..
I would prefer to go directly to Page 2, but I can't figure out how to
build that url..
2) My other issues is this:
else if (requestTarget instanceof IPageRequestTarget) {
targetClass = ((IPageRequestTarget)
requestTarget).getPage()
.getClass();
}
This means that if you redirect to a Page object which you have
constructed with special state, then this throws that object away and wicket
will use default constructor.
-Original Message-
From: snoop...@gmail.com [mailto:snoop...@gmail.com] On Behalf Of Ryan Gravener
Sent: Friday, April 17, 2009 10:00 AM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
maybe this is of use:
http://cwiki.apache.org/WICKET/how-to-switch-to-ssl-mode.html
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 10:48 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
I'm implement an SSL scheme using annotations and I'm having some issues
with redirecting properly.
The issue is when I have non-secured page that redirects to a secured page.
I'm doing the https/http redirecting inside of a WebRequestCycleProcessor,
which works well unless there is a redirect prior to the ssl redirect. If
this happens then I redirect back to the top of the chain, because I'm using
the HttpServletRequest to build the url, which returns url info based on the
orginal request. I've been looking all around and I can't find any way of
building a url that represents the last redirect. I've tried
Application.get().getRequestCycleProcessor().getRequestCodingStrategy().pathForTarget(requestTarget);
and
RequestCycle.get().urlFor(requestTarget)
Here's my current impl for The RequestCycleProcessor.
WebRequest webRequest = (WebRequest) requestCycle .getRequest();
WebResponse webResponse = (WebResponse) requestCycle .getResponse();
HttpServletRequest httpServletRequest =
webRequest.getHttpServletRequest();
StringBuffer url = new StringBuffer(protocol);
url.append(httpServletRequest.getServerName());
if(defaultPort != port){
url.append(: + port);
}
url.append(webRequest.getHttpServletRequest().getContextPath());
url.append(webRequest.getServletPath());
String queryString =
webRequest.getHttpServletRequest().getQueryString();
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
Re: @SSLRequired
How about just having apache httpd rewrite the http(s) for the pages you
need? I haven't yet did our ssl implementation, but I know that I don't
want the logic in wicket.
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 11:27 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
That's where I got my code..
I'm hitting 2 issues
1) The ssl detection/redirect isn't happening till the end of the chain and
when it redirects it redirects back to the top.
Ie. Page 1 is not secure, Page 2 is secure. Page one redirects to
Page 2.
If you go to page 1 then it attempts to redirect to page2 and then
wicket redirects to Page 1 with https..
I would prefer to go directly to Page 2, but I can't figure out how to
build that url..
2) My other issues is this:
else if (requestTarget instanceof IPageRequestTarget) {
targetClass = ((IPageRequestTarget)
requestTarget).getPage()
.getClass();
}
This means that if you redirect to a Page object which you have
constructed with special state, then this throws that object away and wicket
will use default constructor.
-Original Message-
From: snoop...@gmail.com [mailto:snoop...@gmail.com] On Behalf Of Ryan
Gravener
Sent: Friday, April 17, 2009 10:00 AM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
maybe this is of use:
http://cwiki.apache.org/WICKET/how-to-switch-to-ssl-mode.html
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 10:48 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
I'm implement an SSL scheme using annotations and I'm having some issues
with redirecting properly.
The issue is when I have non-secured page that redirects to a secured
page.
I'm doing the https/http redirecting inside of a
WebRequestCycleProcessor,
which works well unless there is a redirect prior to the ssl redirect. If
this happens then I redirect back to the top of the chain, because I'm
using
the HttpServletRequest to build the url, which returns url info based on
the
orginal request. I've been looking all around and I can't find any way of
building a url that represents the last redirect. I've tried
Application.get().getRequestCycleProcessor().getRequestCodingStrategy().pathForTarget(requestTarget);
and
RequestCycle.get().urlFor(requestTarget)
Here's my current impl for The RequestCycleProcessor.
WebRequest webRequest = (WebRequest) requestCycle .getRequest();
WebResponse webResponse = (WebResponse) requestCycle
.getResponse();
HttpServletRequest httpServletRequest =
webRequest.getHttpServletRequest();
StringBuffer url = new StringBuffer(protocol);
url.append(httpServletRequest.getServerName());
if(defaultPort != port){
url.append(: + port);
}
url.append(webRequest.getHttpServletRequest().getContextPath());
url.append(webRequest.getServletPath());
String queryString =
webRequest.getHttpServletRequest().getQueryString();
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
Re: @SSLRequired
i just checked in org.apache.wicekt.protocol.https package that should
help with this. its in 1.4 only.
-igor
On Fri, Apr 17, 2009 at 8:52 AM, Ryan Gravener r...@ryangravener.com wrote:
How about just having apache httpd rewrite the http(s) for the pages you
need? I haven't yet did our ssl implementation, but I know that I don't
want the logic in wicket.
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 11:27 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
That's where I got my code..
I'm hitting 2 issues
1) The ssl detection/redirect isn't happening till the end of the chain and
when it redirects it redirects back to the top.
Ie. Page 1 is not secure, Page 2 is secure. Page one redirects to
Page 2.
If you go to page 1 then it attempts to redirect to page2 and then
wicket redirects to Page 1 with https..
I would prefer to go directly to Page 2, but I can't figure out how to
build that url..
2) My other issues is this:
else if (requestTarget instanceof IPageRequestTarget) {
targetClass = ((IPageRequestTarget)
requestTarget).getPage()
.getClass();
}
This means that if you redirect to a Page object which you have
constructed with special state, then this throws that object away and wicket
will use default constructor.
-Original Message-
From: snoop...@gmail.com [mailto:snoop...@gmail.com] On Behalf Of Ryan
Gravener
Sent: Friday, April 17, 2009 10:00 AM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
maybe this is of use:
http://cwiki.apache.org/WICKET/how-to-switch-to-ssl-mode.html
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 10:48 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
I'm implement an SSL scheme using annotations and I'm having some issues
with redirecting properly.
The issue is when I have non-secured page that redirects to a secured
page.
I'm doing the https/http redirecting inside of a
WebRequestCycleProcessor,
which works well unless there is a redirect prior to the ssl redirect. If
this happens then I redirect back to the top of the chain, because I'm
using
the HttpServletRequest to build the url, which returns url info based on
the
orginal request. I've been looking all around and I can't find any way of
building a url that represents the last redirect. I've tried
Application.get().getRequestCycleProcessor().getRequestCodingStrategy().pathForTarget(requestTarget);
and
RequestCycle.get().urlFor(requestTarget)
Here's my current impl for The RequestCycleProcessor.
WebRequest webRequest = (WebRequest) requestCycle .getRequest();
WebResponse webResponse = (WebResponse) requestCycle
.getResponse();
HttpServletRequest httpServletRequest =
webRequest.getHttpServletRequest();
StringBuffer url = new StringBuffer(protocol);
url.append(httpServletRequest.getServerName());
if(defaultPort != port){
url.append(: + port);
}
url.append(webRequest.getHttpServletRequest().getContextPath());
url.append(webRequest.getServletPath());
String queryString =
webRequest.getHttpServletRequest().getQueryString();
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
RE: @SSLRequired
Is 1.4 ready for prime-time?
If not, is there anything I could cull from that code for 1.3.5? Or any other
thoughts that might help?
Douglas
-Original Message-
From: Igor Vaynberg [mailto:igor.vaynb...@gmail.com]
Sent: Friday, April 17, 2009 12:38 PM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
i just checked in org.apache.wicekt.protocol.https package that should
help with this. its in 1.4 only.
-igor
On Fri, Apr 17, 2009 at 8:52 AM, Ryan Gravener r...@ryangravener.com wrote:
How about just having apache httpd rewrite the http(s) for the pages you
need? I haven't yet did our ssl implementation, but I know that I don't
want the logic in wicket.
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 11:27 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
That's where I got my code..
I'm hitting 2 issues
1) The ssl detection/redirect isn't happening till the end of the chain and
when it redirects it redirects back to the top.
Ie. Page 1 is not secure, Page 2 is secure. Page one redirects to
Page 2.
If you go to page 1 then it attempts to redirect to page2 and then
wicket redirects to Page 1 with https..
I would prefer to go directly to Page 2, but I can't figure out how to
build that url..
2) My other issues is this:
else if (requestTarget instanceof IPageRequestTarget) {
targetClass = ((IPageRequestTarget)
requestTarget).getPage()
.getClass();
}
This means that if you redirect to a Page object which you have
constructed with special state, then this throws that object away and wicket
will use default constructor.
-Original Message-
From: snoop...@gmail.com [mailto:snoop...@gmail.com] On Behalf Of Ryan
Gravener
Sent: Friday, April 17, 2009 10:00 AM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
maybe this is of use:
http://cwiki.apache.org/WICKET/how-to-switch-to-ssl-mode.html
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 10:48 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
I'm implement an SSL scheme using annotations and I'm having some issues
with redirecting properly.
The issue is when I have non-secured page that redirects to a secured
page.
I'm doing the https/http redirecting inside of a
WebRequestCycleProcessor,
which works well unless there is a redirect prior to the ssl redirect. If
this happens then I redirect back to the top of the chain, because I'm
using
the HttpServletRequest to build the url, which returns url info based on
the
orginal request. I've been looking all around and I can't find any way of
building a url that represents the last redirect. I've tried
Application.get().getRequestCycleProcessor().getRequestCodingStrategy().pathForTarget(requestTarget);
and
RequestCycle.get().urlFor(requestTarget)
Here's my current impl for The RequestCycleProcessor.
WebRequest webRequest = (WebRequest) requestCycle .getRequest();
WebResponse webResponse = (WebResponse) requestCycle
.getResponse();
HttpServletRequest httpServletRequest =
webRequest.getHttpServletRequest();
StringBuffer url = new StringBuffer(protocol);
url.append(httpServletRequest.getServerName());
if(defaultPort != port){
url.append(: + port);
}
url.append(webRequest.getHttpServletRequest().getContextPath());
url.append(webRequest.getServletPath());
String queryString =
webRequest.getHttpServletRequest().getQueryString();
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
RE: @SSLRequired
Would rewrite work with the wicket's ability to forward to a instantiated Page?
Douglas
-Original Message-
From: snoop...@gmail.com [mailto:snoop...@gmail.com] On Behalf Of Ryan Gravener
Sent: Friday, April 17, 2009 10:52 AM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
How about just having apache httpd rewrite the http(s) for the pages you
need? I haven't yet did our ssl implementation, but I know that I don't
want the logic in wicket.
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 11:27 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
That's where I got my code..
I'm hitting 2 issues
1) The ssl detection/redirect isn't happening till the end of the chain and
when it redirects it redirects back to the top.
Ie. Page 1 is not secure, Page 2 is secure. Page one redirects to
Page 2.
If you go to page 1 then it attempts to redirect to page2 and then
wicket redirects to Page 1 with https..
I would prefer to go directly to Page 2, but I can't figure out how to
build that url..
2) My other issues is this:
else if (requestTarget instanceof IPageRequestTarget) {
targetClass = ((IPageRequestTarget)
requestTarget).getPage()
.getClass();
}
This means that if you redirect to a Page object which you have
constructed with special state, then this throws that object away and wicket
will use default constructor.
-Original Message-
From: snoop...@gmail.com [mailto:snoop...@gmail.com] On Behalf Of Ryan
Gravener
Sent: Friday, April 17, 2009 10:00 AM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
maybe this is of use:
http://cwiki.apache.org/WICKET/how-to-switch-to-ssl-mode.html
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 10:48 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
I'm implement an SSL scheme using annotations and I'm having some issues
with redirecting properly.
The issue is when I have non-secured page that redirects to a secured
page.
I'm doing the https/http redirecting inside of a
WebRequestCycleProcessor,
which works well unless there is a redirect prior to the ssl redirect. If
this happens then I redirect back to the top of the chain, because I'm
using
the HttpServletRequest to build the url, which returns url info based on
the
orginal request. I've been looking all around and I can't find any way of
building a url that represents the last redirect. I've tried
Application.get().getRequestCycleProcessor().getRequestCodingStrategy().pathForTarget(requestTarget);
and
RequestCycle.get().urlFor(requestTarget)
Here's my current impl for The RequestCycleProcessor.
WebRequest webRequest = (WebRequest) requestCycle .getRequest();
WebResponse webResponse = (WebResponse) requestCycle
.getResponse();
HttpServletRequest httpServletRequest =
webRequest.getHttpServletRequest();
StringBuffer url = new StringBuffer(protocol);
url.append(httpServletRequest.getServerName());
if(defaultPort != port){
url.append(: + port);
}
url.append(webRequest.getHttpServletRequest().getContextPath());
url.append(webRequest.getServletPath());
String queryString =
webRequest.getHttpServletRequest().getQueryString();
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
Re: @SSLRequired
see org.apache.wicket.protocol.https package
-igor
On Fri, Apr 17, 2009 at 11:40 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
Is 1.4 ready for prime-time?
If not, is there anything I could cull from that code for 1.3.5? Or any other
thoughts that might help?
Douglas
-Original Message-
From: Igor Vaynberg [mailto:igor.vaynb...@gmail.com]
Sent: Friday, April 17, 2009 12:38 PM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
i just checked in org.apache.wicekt.protocol.https package that should
help with this. its in 1.4 only.
-igor
On Fri, Apr 17, 2009 at 8:52 AM, Ryan Gravener r...@ryangravener.com wrote:
How about just having apache httpd rewrite the http(s) for the pages you
need? I haven't yet did our ssl implementation, but I know that I don't
want the logic in wicket.
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 11:27 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
That's where I got my code..
I'm hitting 2 issues
1) The ssl detection/redirect isn't happening till the end of the chain and
when it redirects it redirects back to the top.
Ie. Page 1 is not secure, Page 2 is secure. Page one redirects to
Page 2.
If you go to page 1 then it attempts to redirect to page2 and then
wicket redirects to Page 1 with https..
I would prefer to go directly to Page 2, but I can't figure out how to
build that url..
2) My other issues is this:
else if (requestTarget instanceof IPageRequestTarget) {
targetClass = ((IPageRequestTarget)
requestTarget).getPage()
.getClass();
}
This means that if you redirect to a Page object which you have
constructed with special state, then this throws that object away and wicket
will use default constructor.
-Original Message-
From: snoop...@gmail.com [mailto:snoop...@gmail.com] On Behalf Of Ryan
Gravener
Sent: Friday, April 17, 2009 10:00 AM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
maybe this is of use:
http://cwiki.apache.org/WICKET/how-to-switch-to-ssl-mode.html
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 10:48 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
I'm implement an SSL scheme using annotations and I'm having some issues
with redirecting properly.
The issue is when I have non-secured page that redirects to a secured
page.
I'm doing the https/http redirecting inside of a
WebRequestCycleProcessor,
which works well unless there is a redirect prior to the ssl redirect. If
this happens then I redirect back to the top of the chain, because I'm
using
the HttpServletRequest to build the url, which returns url info based on
the
orginal request. I've been looking all around and I can't find any way of
building a url that represents the last redirect. I've tried
Application.get().getRequestCycleProcessor().getRequestCodingStrategy().pathForTarget(requestTarget);
and
RequestCycle.get().urlFor(requestTarget)
Here's my current impl for The RequestCycleProcessor.
WebRequest webRequest = (WebRequest) requestCycle .getRequest();
WebResponse webResponse = (WebResponse) requestCycle
.getResponse();
HttpServletRequest httpServletRequest =
webRequest.getHttpServletRequest();
StringBuffer url = new StringBuffer(protocol);
url.append(httpServletRequest.getServerName());
if(defaultPort != port){
url.append(: + port);
}
url.append(webRequest.getHttpServletRequest().getContextPath());
url.append(webRequest.getServletPath());
String queryString =
webRequest.getHttpServletRequest().getQueryString();
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
Re: @SSLRequired
Yes - 1.4 is stable enough for production. It is getting very near a final
release. Many are already using it in production (I am on numerous apps)
and have been for some time now.
--
Jeremy Thomerson
http://www.wickettraining.com
On Fri, Apr 17, 2009 at 1:40 PM, Douglas Ferguson
doug...@douglasferguson.us wrote:
Is 1.4 ready for prime-time?
If not, is there anything I could cull from that code for 1.3.5? Or any
other thoughts that might help?
Douglas
-Original Message-
From: Igor Vaynberg [mailto:igor.vaynb...@gmail.com]
Sent: Friday, April 17, 2009 12:38 PM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
i just checked in org.apache.wicekt.protocol.https package that should
help with this. its in 1.4 only.
-igor
On Fri, Apr 17, 2009 at 8:52 AM, Ryan Gravener r...@ryangravener.com
wrote:
How about just having apache httpd rewrite the http(s) for the pages you
need? I haven't yet did our ssl implementation, but I know that I don't
want the logic in wicket.
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 11:27 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
That's where I got my code..
I'm hitting 2 issues
1) The ssl detection/redirect isn't happening till the end of the chain
and
when it redirects it redirects back to the top.
Ie. Page 1 is not secure, Page 2 is secure. Page one redirects to
Page 2.
If you go to page 1 then it attempts to redirect to page2 and then
wicket redirects to Page 1 with https..
I would prefer to go directly to Page 2, but I can't figure out how
to
build that url..
2) My other issues is this:
else if (requestTarget instanceof IPageRequestTarget) {
targetClass = ((IPageRequestTarget)
requestTarget).getPage()
.getClass();
}
This means that if you redirect to a Page object which you have
constructed with special state, then this throws that object away and
wicket
will use default constructor.
-Original Message-
From: snoop...@gmail.com [mailto:snoop...@gmail.com] On Behalf Of Ryan
Gravener
Sent: Friday, April 17, 2009 10:00 AM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
maybe this is of use:
http://cwiki.apache.org/WICKET/how-to-switch-to-ssl-mode.html
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 10:48 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
I'm implement an SSL scheme using annotations and I'm having some
issues
with redirecting properly.
The issue is when I have non-secured page that redirects to a secured
page.
I'm doing the https/http redirecting inside of a
WebRequestCycleProcessor,
which works well unless there is a redirect prior to the ssl redirect.
If
this happens then I redirect back to the top of the chain, because I'm
using
the HttpServletRequest to build the url, which returns url info based
on
the
orginal request. I've been looking all around and I can't find any way
of
building a url that represents the last redirect. I've tried
Application.get().getRequestCycleProcessor().getRequestCodingStrategy().pathForTarget(requestTarget);
and
RequestCycle.get().urlFor(requestTarget)
Here's my current impl for The RequestCycleProcessor.
WebRequest webRequest = (WebRequest) requestCycle
.getRequest();
WebResponse webResponse = (WebResponse) requestCycle
.getResponse();
HttpServletRequest httpServletRequest =
webRequest.getHttpServletRequest();
StringBuffer url = new StringBuffer(protocol);
url.append(httpServletRequest.getServerName());
if(defaultPort != port){
url.append(: + port);
}
url.append(webRequest.getHttpServletRequest().getContextPath());
url.append(webRequest.getServletPath());
String queryString =
webRequest.getHttpServletRequest().getQueryString();
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
Re: @SSLRequired
there are a couple of api-breaking refactors coming though, like the
generics thing for listview.
-igor
On Fri, Apr 17, 2009 at 12:08 PM, Jeremy Thomerson
jer...@wickettraining.com wrote:
Yes - 1.4 is stable enough for production. It is getting very near a final
release. Many are already using it in production (I am on numerous apps)
and have been for some time now.
--
Jeremy Thomerson
http://www.wickettraining.com
On Fri, Apr 17, 2009 at 1:40 PM, Douglas Ferguson
doug...@douglasferguson.us wrote:
Is 1.4 ready for prime-time?
If not, is there anything I could cull from that code for 1.3.5? Or any
other thoughts that might help?
Douglas
-Original Message-
From: Igor Vaynberg [mailto:igor.vaynb...@gmail.com]
Sent: Friday, April 17, 2009 12:38 PM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
i just checked in org.apache.wicekt.protocol.https package that should
help with this. its in 1.4 only.
-igor
On Fri, Apr 17, 2009 at 8:52 AM, Ryan Gravener r...@ryangravener.com
wrote:
How about just having apache httpd rewrite the http(s) for the pages you
need? I haven't yet did our ssl implementation, but I know that I don't
want the logic in wicket.
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 11:27 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
That's where I got my code..
I'm hitting 2 issues
1) The ssl detection/redirect isn't happening till the end of the chain
and
when it redirects it redirects back to the top.
Ie. Page 1 is not secure, Page 2 is secure. Page one redirects to
Page 2.
If you go to page 1 then it attempts to redirect to page2 and then
wicket redirects to Page 1 with https..
I would prefer to go directly to Page 2, but I can't figure out how
to
build that url..
2) My other issues is this:
else if (requestTarget instanceof IPageRequestTarget) {
targetClass = ((IPageRequestTarget)
requestTarget).getPage()
.getClass();
}
This means that if you redirect to a Page object which you have
constructed with special state, then this throws that object away and
wicket
will use default constructor.
-Original Message-
From: snoop...@gmail.com [mailto:snoop...@gmail.com] On Behalf Of Ryan
Gravener
Sent: Friday, April 17, 2009 10:00 AM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
maybe this is of use:
http://cwiki.apache.org/WICKET/how-to-switch-to-ssl-mode.html
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 10:48 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
I'm implement an SSL scheme using annotations and I'm having some
issues
with redirecting properly.
The issue is when I have non-secured page that redirects to a secured
page.
I'm doing the https/http redirecting inside of a
WebRequestCycleProcessor,
which works well unless there is a redirect prior to the ssl redirect.
If
this happens then I redirect back to the top of the chain, because I'm
using
the HttpServletRequest to build the url, which returns url info based
on
the
orginal request. I've been looking all around and I can't find any way
of
building a url that represents the last redirect. I've tried
Application.get().getRequestCycleProcessor().getRequestCodingStrategy().pathForTarget(requestTarget);
and
RequestCycle.get().urlFor(requestTarget)
Here's my current impl for The RequestCycleProcessor.
WebRequest webRequest = (WebRequest) requestCycle
.getRequest();
WebResponse webResponse = (WebResponse) requestCycle
.getResponse();
HttpServletRequest httpServletRequest =
webRequest.getHttpServletRequest();
StringBuffer url = new StringBuffer(protocol);
url.append(httpServletRequest.getServerName());
if(defaultPort != port){
url.append(: + port);
}
url.append(webRequest.getHttpServletRequest().getContextPath());
url.append(webRequest.getServletPath());
String queryString =
webRequest.getHttpServletRequest().getQueryString();
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional
Re: @SSLRequired
Where cab I view it online I don't see it in the javadoc
Douglas Ferguson
512-293-7279
Sent from my iPhone
On Apr 17, 2009, at 1:52 PM, Igor Vaynberg igor.vaynb...@gmail.com
wrote:
see org.apache.wicket.protocol.https package
-igor
On Fri, Apr 17, 2009 at 11:40 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
Is 1.4 ready for prime-time?
If not, is there anything I could cull from that code for 1.3.5? Or
any other thoughts that might help?
Douglas
-Original Message-
From: Igor Vaynberg [mailto:igor.vaynb...@gmail.com]
Sent: Friday, April 17, 2009 12:38 PM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
i just checked in org.apache.wicekt.protocol.https package that
should
help with this. its in 1.4 only.
-igor
On Fri, Apr 17, 2009 at 8:52 AM, Ryan Gravener
r...@ryangravener.com wrote:
How about just having apache httpd rewrite the http(s) for the
pages you
need? I haven't yet did our ssl implementation, but I know that I
don't
want the logic in wicket.
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 11:27 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
That's where I got my code..
I'm hitting 2 issues
1) The ssl detection/redirect isn't happening till the end of the
chain and
when it redirects it redirects back to the top.
Ie. Page 1 is not secure, Page 2 is secure. Page one
redirects to
Page 2.
If you go to page 1 then it attempts to redirect to page2
and then
wicket redirects to Page 1 with https..
I would prefer to go directly to Page 2, but I can't figure
out how to
build that url..
2) My other issues is this:
else if (requestTarget instanceof IPageRequestTarget) {
targetClass = ((IPageRequestTarget)
requestTarget).getPage()
.getClass();
}
This means that if you redirect to a Page object which you have
constructed with special state, then this throws that object away
and wicket
will use default constructor.
-Original Message-
From: snoop...@gmail.com [mailto:snoop...@gmail.com] On Behalf Of
Ryan
Gravener
Sent: Friday, April 17, 2009 10:00 AM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
maybe this is of use:
http://cwiki.apache.org/WICKET/how-to-switch-to-ssl-mode.html
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 10:48 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
I'm implement an SSL scheme using annotations and I'm having
some issues
with redirecting properly.
The issue is when I have non-secured page that redirects to a
secured
page.
I'm doing the https/http redirecting inside of a
WebRequestCycleProcessor,
which works well unless there is a redirect prior to the ssl
redirect. If
this happens then I redirect back to the top of the chain,
because I'm
using
the HttpServletRequest to build the url, which returns url info
based on
the
orginal request. I've been looking all around and I can't find
any way of
building a url that represents the last redirect. I've tried
Application.
get(
).g
etRequestCycleProcessor(
).getRequestCodingStrategy().pathForTarget(requestTarget);
and
RequestCycle.get().urlFor(requestTarget)
Here's my current impl for The RequestCycleProcessor.
WebRequest webRequest = (WebRequest)
requestCycle .getRequest();
WebResponse webResponse = (WebResponse) requestCycle
.getResponse();
HttpServletRequest httpServletRequest =
webRequest.getHttpServletRequest();
StringBuffer url = new StringBuffer(protocol);
url.append(httpServletRequest.getServerName());
if(defaultPort != port){
url.append(: + port);
}
url.append(webRequest.getHttpServletRequest().getContextPath());
url.append(webRequest.getServletPath());
String queryString =
webRequest.getHttpServletRequest().getQueryString();
---
--
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
Re: @SSLRequired
Go to wicket.apache.org - in the left bar near the bottom there are links to
the source repo and to the fisheye view.
--
Jeremy Thomerson
http://www.wickettraining.com
On Fri, Apr 17, 2009 at 2:30 PM, Douglas Ferguson
doug...@douglasferguson.us wrote:
Where cab I view it online I don't see it in the javadoc
Douglas Ferguson
512-293-7279
Sent from my iPhone
On Apr 17, 2009, at 1:52 PM, Igor Vaynberg igor.vaynb...@gmail.com
wrote:
see org.apache.wicket.protocol.https package
-igor
On Fri, Apr 17, 2009 at 11:40 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
Is 1.4 ready for prime-time?
If not, is there anything I could cull from that code for 1.3.5? Or
any other thoughts that might help?
Douglas
-Original Message-
From: Igor Vaynberg [mailto:igor.vaynb...@gmail.com]
Sent: Friday, April 17, 2009 12:38 PM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
i just checked in org.apache.wicekt.protocol.https package that
should
help with this. its in 1.4 only.
-igor
On Fri, Apr 17, 2009 at 8:52 AM, Ryan Gravener
r...@ryangravener.com wrote:
How about just having apache httpd rewrite the http(s) for the
pages you
need? I haven't yet did our ssl implementation, but I know that I
don't
want the logic in wicket.
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 11:27 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
That's where I got my code..
I'm hitting 2 issues
1) The ssl detection/redirect isn't happening till the end of the
chain and
when it redirects it redirects back to the top.
Ie. Page 1 is not secure, Page 2 is secure. Page one
redirects to
Page 2.
If you go to page 1 then it attempts to redirect to page2
and then
wicket redirects to Page 1 with https..
I would prefer to go directly to Page 2, but I can't figure
out how to
build that url..
2) My other issues is this:
else if (requestTarget instanceof IPageRequestTarget) {
targetClass = ((IPageRequestTarget)
requestTarget).getPage()
.getClass();
}
This means that if you redirect to a Page object which you have
constructed with special state, then this throws that object away
and wicket
will use default constructor.
-Original Message-
From: snoop...@gmail.com [mailto:snoop...@gmail.com] On Behalf Of
Ryan
Gravener
Sent: Friday, April 17, 2009 10:00 AM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
maybe this is of use:
http://cwiki.apache.org/WICKET/how-to-switch-to-ssl-mode.html
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 10:48 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
I'm implement an SSL scheme using annotations and I'm having
some issues
with redirecting properly.
The issue is when I have non-secured page that redirects to a
secured
page.
I'm doing the https/http redirecting inside of a
WebRequestCycleProcessor,
which works well unless there is a redirect prior to the ssl
redirect. If
this happens then I redirect back to the top of the chain,
because I'm
using
the HttpServletRequest to build the url, which returns url info
based on
the
orginal request. I've been looking all around and I can't find
any way of
building a url that represents the last redirect. I've tried
Application.
get(
).g
etRequestCycleProcessor(
).getRequestCodingStrategy().pathForTarget(requestTarget);
and
RequestCycle.get().urlFor(requestTarget)
Here's my current impl for The RequestCycleProcessor.
WebRequest webRequest = (WebRequest)
requestCycle .getRequest();
WebResponse webResponse = (WebResponse) requestCycle
.getResponse();
HttpServletRequest httpServletRequest =
webRequest.getHttpServletRequest();
StringBuffer url = new StringBuffer(protocol);
url.append(httpServletRequest.getServerName());
if(defaultPort != port){
url.append(: + port);
}
url.append(webRequest.getHttpServletRequest().getContextPath());
url.append(webRequest.getServletPath());
String queryString =
webRequest.getHttpServletRequest().getQueryString();
---
--
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
RE: @SSLRequired
Ok.. I had a chance to look at the code.
It will have the same problem as my code.
1) Page1 (doesn't require https)
Page2 (requires https)
I load Page1 and it detects a situation that requires it to load Page2.
The redirect is done inside wicket using setResponsePage(page2)
The requestCyledProcessor will intercept this after the internarl redirect
at which point it sees Page2 on the target and realizes it needs to redirect
to https
When it redirects it uses the httpservlet request to build a new url and
changing the protocol.
Since the orginal request was made for Page1, wicket will request Page1
(this constructing another object), when then we redirect to Page2 again, if
loading these pages causing side effects, these side effects will happen twice!
2) Page1 (doesn't required https)
Page2 (required https)
Page1 does a redirect to Pages using setResponsePage(new
Page2(..specialParameters..))
The internal redirect will trigger a protocol change, which triggers this
code
else if (target instanceof IBookmarkablePageRequestTarget)
{
return
((IBookmarkablePageRequestTarget)target).getPageClass();
}
Which means that the instantiated Page2 that you expecting to redirect to
will be thrown away
and wicket will do a new instance on the Page2.getClass()
-Original Message-
From: Jeremy Thomerson [mailto:jer...@wickettraining.com]
Sent: Friday, April 17, 2009 2:55 PM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
Go to wicket.apache.org - in the left bar near the bottom there are links to
the source repo and to the fisheye view.
--
Jeremy Thomerson
http://www.wickettraining.com
On Fri, Apr 17, 2009 at 2:30 PM, Douglas Ferguson
doug...@douglasferguson.us wrote:
Where cab I view it online I don't see it in the javadoc
Douglas Ferguson
512-293-7279
Sent from my iPhone
On Apr 17, 2009, at 1:52 PM, Igor Vaynberg igor.vaynb...@gmail.com
wrote:
see org.apache.wicket.protocol.https package
-igor
On Fri, Apr 17, 2009 at 11:40 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
Is 1.4 ready for prime-time?
If not, is there anything I could cull from that code for 1.3.5? Or
any other thoughts that might help?
Douglas
-Original Message-
From: Igor Vaynberg [mailto:igor.vaynb...@gmail.com]
Sent: Friday, April 17, 2009 12:38 PM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
i just checked in org.apache.wicekt.protocol.https package that
should
help with this. its in 1.4 only.
-igor
On Fri, Apr 17, 2009 at 8:52 AM, Ryan Gravener
r...@ryangravener.com wrote:
How about just having apache httpd rewrite the http(s) for the
pages you
need? I haven't yet did our ssl implementation, but I know that I
don't
want the logic in wicket.
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 11:27 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
That's where I got my code..
I'm hitting 2 issues
1) The ssl detection/redirect isn't happening till the end of the
chain and
when it redirects it redirects back to the top.
Ie. Page 1 is not secure, Page 2 is secure. Page one
redirects to
Page 2.
If you go to page 1 then it attempts to redirect to page2
and then
wicket redirects to Page 1 with https..
I would prefer to go directly to Page 2, but I can't figure
out how to
build that url..
2) My other issues is this:
else if (requestTarget instanceof IPageRequestTarget) {
targetClass = ((IPageRequestTarget)
requestTarget).getPage()
.getClass();
}
This means that if you redirect to a Page object which you have
constructed with special state, then this throws that object away
and wicket
will use default constructor.
-Original Message-
From: snoop...@gmail.com [mailto:snoop...@gmail.com] On Behalf Of
Ryan
Gravener
Sent: Friday, April 17, 2009 10:00 AM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
maybe this is of use:
http://cwiki.apache.org/WICKET/how-to-switch-to-ssl-mode.html
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 10:48 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
I'm implement an SSL scheme using annotations and I'm having
some issues
with redirecting properly.
The issue is when I have non-secured page that redirects to a
secured
page.
I'm doing the https/http redirecting inside of a
WebRequestCycleProcessor,
which works well unless there is a redirect prior to the ssl
redirect. If
this happens then I redirect back to the top of the chain,
because I'm
using
the HttpServletRequest to build the url, which returns url info
Re: @SSLRequired
huh?
if you call setresponsepage(new page2()) this will not create a
bookmarkable page request target, if it did then these kinds of links
wouldnt work regardless of http or https.
-igor
On Fri, Apr 17, 2009 at 3:35 PM, Douglas Ferguson
doug...@douglasferguson.us wrote:
Ok.. I had a chance to look at the code.
It will have the same problem as my code.
1) Page1 (doesn't require https)
Page2 (requires https)
I load Page1 and it detects a situation that requires it to load Page2.
The redirect is done inside wicket using setResponsePage(page2)
The requestCyledProcessor will intercept this after the internarl redirect
at which point it sees Page2 on the target and realizes it needs to
redirect to https
When it redirects it uses the httpservlet request to build a new url and
changing the protocol.
Since the orginal request was made for Page1, wicket will request Page1
(this constructing another object), when then we redirect to Page2 again, if
loading these pages causing side effects, these side effects will happen
twice!
2) Page1 (doesn't required https)
Page2 (required https)
Page1 does a redirect to Pages using setResponsePage(new
Page2(..specialParameters..))
The internal redirect will trigger a protocol change, which triggers this
code
else if (target instanceof IBookmarkablePageRequestTarget)
{
return
((IBookmarkablePageRequestTarget)target).getPageClass();
}
Which means that the instantiated Page2 that you expecting to redirect to
will be thrown away
and wicket will do a new instance on the Page2.getClass()
-Original Message-
From: Jeremy Thomerson [mailto:jer...@wickettraining.com]
Sent: Friday, April 17, 2009 2:55 PM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
Go to wicket.apache.org - in the left bar near the bottom there are links to
the source repo and to the fisheye view.
--
Jeremy Thomerson
http://www.wickettraining.com
On Fri, Apr 17, 2009 at 2:30 PM, Douglas Ferguson
doug...@douglasferguson.us wrote:
Where cab I view it online I don't see it in the javadoc
Douglas Ferguson
512-293-7279
Sent from my iPhone
On Apr 17, 2009, at 1:52 PM, Igor Vaynberg igor.vaynb...@gmail.com
wrote:
see org.apache.wicket.protocol.https package
-igor
On Fri, Apr 17, 2009 at 11:40 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
Is 1.4 ready for prime-time?
If not, is there anything I could cull from that code for 1.3.5? Or
any other thoughts that might help?
Douglas
-Original Message-
From: Igor Vaynberg [mailto:igor.vaynb...@gmail.com]
Sent: Friday, April 17, 2009 12:38 PM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
i just checked in org.apache.wicekt.protocol.https package that
should
help with this. its in 1.4 only.
-igor
On Fri, Apr 17, 2009 at 8:52 AM, Ryan Gravener
r...@ryangravener.com wrote:
How about just having apache httpd rewrite the http(s) for the
pages you
need? I haven't yet did our ssl implementation, but I know that I
don't
want the logic in wicket.
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 11:27 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
That's where I got my code..
I'm hitting 2 issues
1) The ssl detection/redirect isn't happening till the end of the
chain and
when it redirects it redirects back to the top.
Ie. Page 1 is not secure, Page 2 is secure. Page one
redirects to
Page 2.
If you go to page 1 then it attempts to redirect to page2
and then
wicket redirects to Page 1 with https..
I would prefer to go directly to Page 2, but I can't figure
out how to
build that url..
2) My other issues is this:
else if (requestTarget instanceof IPageRequestTarget) {
targetClass = ((IPageRequestTarget)
requestTarget).getPage()
.getClass();
}
This means that if you redirect to a Page object which you have
constructed with special state, then this throws that object away
and wicket
will use default constructor.
-Original Message-
From: snoop...@gmail.com [mailto:snoop...@gmail.com] On Behalf Of
Ryan
Gravener
Sent: Friday, April 17, 2009 10:00 AM
To: users@wicket.apache.org
Subject: Re: @SSLRequired
maybe this is of use:
http://cwiki.apache.org/WICKET/how-to-switch-to-ssl-mode.html
Ryan Gravener
http://ryangravener.com/flex | http://twitter.com/ryangravener
On Fri, Apr 17, 2009 at 10:48 AM, Douglas Ferguson
doug...@douglasferguson.us wrote:
I'm implement an SSL scheme using annotations and I'm having
some issues
with redirecting properly.
The issue is when I have non-secured page that redirects to a
secured
page.
I'm doing
