Session Creation Problem
Hi, I am facing a little annoyance in conjunction with session creation that I have been unable to fix until now: 1. My pages are guarded using MetaDataRoleAuthorizationStrategy 2. When the homepage is opened, the user is redirected to the Login page 3. Now, if the user does not fill out the form immediately but waits very long, a Page Expired error is thrown when the form is submitted As I said, this is not a big problem but rather an annoyance that I would like to have fixed. Can anybody tell me what the problem is? I assume that a session is created immediately when the user opens the home page. How can I avoid this behavior? Kind Regards, Jürgen -- Dr. Jürgen Lind iteratec GmbHFon: +49 (0)89 614551-44 Inselkammerstrasse 4 Fax: +49 (0)89 614551-10 82008 Unterhaching Web: www.iteratec.de Sitz und Registergericht der iteratec GmbH: München HRB 113 519 Geschäftsführer: Klaus Eberhardt, Mark Goerke, Inge Hanschke, Ralf Menzel - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Session Creation Problem
use a stateless form -igor On Fri, Jun 20, 2008 at 1:21 AM, Jürgen Lind [EMAIL PROTECTED] wrote: Hi, I am facing a little annoyance in conjunction with session creation that I have been unable to fix until now: 1. My pages are guarded using MetaDataRoleAuthorizationStrategy 2. When the homepage is opened, the user is redirected to the Login page 3. Now, if the user does not fill out the form immediately but waits very long, a Page Expired error is thrown when the form is submitted As I said, this is not a big problem but rather an annoyance that I would like to have fixed. Can anybody tell me what the problem is? I assume that a session is created immediately when the user opens the home page. How can I avoid this behavior? Kind Regards, Jürgen -- Dr. Jürgen Lind iteratec GmbHFon: +49 (0)89 614551-44 Inselkammerstrasse 4 Fax: +49 (0)89 614551-10 82008 Unterhaching Web: www.iteratec.de Sitz und Registergericht der iteratec GmbH: München HRB 113 519 Geschäftsführer: Klaus Eberhardt, Mark Goerke, Inge Hanschke, Ralf Menzel - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Session Creation Problem
Hi, I tried using a stateless form for the Login page, but it seems that a new session is created before the page is even called. I inserted a stacktrack output in the constructor of my Wicket-Session (which happens to be s subclass of AuthenticatedWebSession) and that trace shows me that AuthenticatedWebApplication.newSession is called by wicket somewhere in the application lifecycle. I can reproduce the behavior by adding a logout link that invalidates the current session and redirects to the Homepage (implying a redirect to the Login page). Again, a new session is created immediately by wicket. Any clues? J. Igor Vaynberg wrote: use a stateless form -igor On Fri, Jun 20, 2008 at 1:21 AM, Jürgen Lind [EMAIL PROTECTED] wrote: Hi, I am facing a little annoyance in conjunction with session creation that I have been unable to fix until now: 1. My pages are guarded using MetaDataRoleAuthorizationStrategy 2. When the homepage is opened, the user is redirected to the Login page 3. Now, if the user does not fill out the form immediately but waits very long, a Page Expired error is thrown when the form is submitted As I said, this is not a big problem but rather an annoyance that I would like to have fixed. Can anybody tell me what the problem is? I assume that a session is created immediately when the user opens the home page. How can I avoid this behavior? Kind Regards, Jürgen -- Dr. Jürgen Lind iteratec GmbHFon: +49 (0)89 614551-44 Inselkammerstrasse 4 Fax: +49 (0)89 614551-10 82008 Unterhaching Web: www.iteratec.de Sitz und Registergericht der iteratec GmbH: München HRB 113 519 Geschäftsführer: Klaus Eberhardt, Mark Goerke, Inge Hanschke, Ralf Menzel - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Mit freundlichen Grüßen, Jürgen Lind -- Dr. Jürgen Lind iteratec GmbHFon: +49 (0)89 614551-44 Inselkammerstrasse 4 Fax: +49 (0)89 614551-10 82008 Unterhaching Web: www.iteratec.de Sitz und Registergericht der iteratec GmbH: München HRB 113 519 Geschäftsführer: Klaus Eberhardt, Mark Goerke, Inge Hanschke, Ralf Menzel - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Session Creation Problem
wicket will create session instances for every request if there is no session stored in httpsession. the session is stored into httpsession only when the user encounters a stateful page. i am guessing that since you changed the form to stateless the page itself is no longer stateful and so wicket will not save it into session, thus it creates an interim session for the duration of the request. if you want to manually bind the session then call bind() on it. -igor On Fri, Jun 20, 2008 at 8:43 AM, Jürgen Lind [EMAIL PROTECTED] wrote: Hi, I tried using a stateless form for the Login page, but it seems that a new session is created before the page is even called. I inserted a stacktrack output in the constructor of my Wicket-Session (which happens to be s subclass of AuthenticatedWebSession) and that trace shows me that AuthenticatedWebApplication.newSession is called by wicket somewhere in the application lifecycle. I can reproduce the behavior by adding a logout link that invalidates the current session and redirects to the Homepage (implying a redirect to the Login page). Again, a new session is created immediately by wicket. Any clues? J. Igor Vaynberg wrote: use a stateless form -igor On Fri, Jun 20, 2008 at 1:21 AM, Jürgen Lind [EMAIL PROTECTED] wrote: Hi, I am facing a little annoyance in conjunction with session creation that I have been unable to fix until now: 1. My pages are guarded using MetaDataRoleAuthorizationStrategy 2. When the homepage is opened, the user is redirected to the Login page 3. Now, if the user does not fill out the form immediately but waits very long, a Page Expired error is thrown when the form is submitted As I said, this is not a big problem but rather an annoyance that I would like to have fixed. Can anybody tell me what the problem is? I assume that a session is created immediately when the user opens the home page. How can I avoid this behavior? Kind Regards, Jürgen -- Dr. Jürgen Lind iteratec GmbHFon: +49 (0)89 614551-44 Inselkammerstrasse 4 Fax: +49 (0)89 614551-10 82008 Unterhaching Web: www.iteratec.de Sitz und Registergericht der iteratec GmbH: München HRB 113 519 Geschäftsführer: Klaus Eberhardt, Mark Goerke, Inge Hanschke, Ralf Menzel - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Mit freundlichen Grüßen, Jürgen Lind -- Dr. Jürgen Lind iteratec GmbHFon: +49 (0)89 614551-44 Inselkammerstrasse 4 Fax: +49 (0)89 614551-10 82008 Unterhaching Web: www.iteratec.de Sitz und Registergericht der iteratec GmbH: München HRB 113 519 Geschäftsführer: Klaus Eberhardt, Mark Goerke, Inge Hanschke, Ralf Menzel - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Session Creation Problem
Hi Igor, thanks for your support. Still I am a bit confused about the two types of sessions we are dealing with: as far as I understood, there is a wicket session that is stored within the http session of the container. Now, which session is responsible for the Page Expired situations? The Wicket session or the http session? If it would be the http session then it should not matter whether a wicket session is created or not as long as the wicket session is not bound to a http session, right? BTW: for not wasting your time, any links to documentation on the matter would be great as well. I looked through the wicket docs but did not find anything relevant. Cheers, J. Igor Vaynberg wrote: wicket will create session instances for every request if there is no session stored in httpsession. the session is stored into httpsession only when the user encounters a stateful page. i am guessing that since you changed the form to stateless the page itself is no longer stateful and so wicket will not save it into session, thus it creates an interim session for the duration of the request. if you want to manually bind the session then call bind() on it. -igor On Fri, Jun 20, 2008 at 8:43 AM, Jürgen Lind [EMAIL PROTECTED] wrote: Hi, I tried using a stateless form for the Login page, but it seems that a new session is created before the page is even called. I inserted a stacktrack output in the constructor of my Wicket-Session (which happens to be s subclass of AuthenticatedWebSession) and that trace shows me that AuthenticatedWebApplication.newSession is called by wicket somewhere in the application lifecycle. I can reproduce the behavior by adding a logout link that invalidates the current session and redirects to the Homepage (implying a redirect to the Login page). Again, a new session is created immediately by wicket. Any clues? J. Igor Vaynberg wrote: use a stateless form -igor On Fri, Jun 20, 2008 at 1:21 AM, Jürgen Lind [EMAIL PROTECTED] wrote: Hi, I am facing a little annoyance in conjunction with session creation that I have been unable to fix until now: 1. My pages are guarded using MetaDataRoleAuthorizationStrategy 2. When the homepage is opened, the user is redirected to the Login page 3. Now, if the user does not fill out the form immediately but waits very long, a Page Expired error is thrown when the form is submitted As I said, this is not a big problem but rather an annoyance that I would like to have fixed. Can anybody tell me what the problem is? I assume that a session is created immediately when the user opens the home page. How can I avoid this behavior? Kind Regards, Jürgen -- Dr. Jürgen Lind iteratec GmbHFon: +49 (0)89 614551-44 Inselkammerstrasse 4 Fax: +49 (0)89 614551-10 82008 Unterhaching Web: www.iteratec.de Sitz und Registergericht der iteratec GmbH: München HRB 113 519 Geschäftsführer: Klaus Eberhardt, Mark Goerke, Inge Hanschke, Ralf Menzel - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Mit freundlichen Grüßen, Jürgen Lind -- Dr. Jürgen Lind iteratec GmbHFon: +49 (0)89 614551-44 Inselkammerstrasse 4 Fax: +49 (0)89 614551-10 82008 Unterhaching Web: www.iteratec.de Sitz und Registergericht der iteratec GmbH: München HRB 113 519 Geschäftsführer: Klaus Eberhardt, Mark Goerke, Inge Hanschke, Ralf Menzel - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Mit freundlichen Grüßen, Jürgen Lind -- Dr. Jürgen Lind iteratec GmbHFon: +49 (0)89 614551-44 Inselkammerstrasse 4 Fax: +49 (0)89 614551-10 82008 Unterhaching Web: www.iteratec.de Sitz und Registergericht der iteratec GmbH: München HRB 113 519 Geschäftsführer: Klaus Eberhardt, Mark Goerke, Inge Hanschke, Ralf Menzel - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Session Creation Problem
once the wicket sesson object is bound (stored in httpsesson) their lifecycles are the same. it is httpsession timing out that causes page expired errors. -igor On Fri, Jun 20, 2008 at 9:08 AM, Jürgen Lind [EMAIL PROTECTED] wrote: Hi Igor, thanks for your support. Still I am a bit confused about the two types of sessions we are dealing with: as far as I understood, there is a wicket session that is stored within the http session of the container. Now, which session is responsible for the Page Expired situations? The Wicket session or the http session? If it would be the http session then it should not matter whether a wicket session is created or not as long as the wicket session is not bound to a http session, right? BTW: for not wasting your time, any links to documentation on the matter would be great as well. I looked through the wicket docs but did not find anything relevant. Cheers, J. Igor Vaynberg wrote: wicket will create session instances for every request if there is no session stored in httpsession. the session is stored into httpsession only when the user encounters a stateful page. i am guessing that since you changed the form to stateless the page itself is no longer stateful and so wicket will not save it into session, thus it creates an interim session for the duration of the request. if you want to manually bind the session then call bind() on it. -igor On Fri, Jun 20, 2008 at 8:43 AM, Jürgen Lind [EMAIL PROTECTED] wrote: Hi, I tried using a stateless form for the Login page, but it seems that a new session is created before the page is even called. I inserted a stacktrack output in the constructor of my Wicket-Session (which happens to be s subclass of AuthenticatedWebSession) and that trace shows me that AuthenticatedWebApplication.newSession is called by wicket somewhere in the application lifecycle. I can reproduce the behavior by adding a logout link that invalidates the current session and redirects to the Homepage (implying a redirect to the Login page). Again, a new session is created immediately by wicket. Any clues? J. Igor Vaynberg wrote: use a stateless form -igor On Fri, Jun 20, 2008 at 1:21 AM, Jürgen Lind [EMAIL PROTECTED] wrote: Hi, I am facing a little annoyance in conjunction with session creation that I have been unable to fix until now: 1. My pages are guarded using MetaDataRoleAuthorizationStrategy 2. When the homepage is opened, the user is redirected to the Login page 3. Now, if the user does not fill out the form immediately but waits very long, a Page Expired error is thrown when the form is submitted As I said, this is not a big problem but rather an annoyance that I would like to have fixed. Can anybody tell me what the problem is? I assume that a session is created immediately when the user opens the home page. How can I avoid this behavior? Kind Regards, Jürgen -- Dr. Jürgen Lind iteratec GmbHFon: +49 (0)89 614551-44 Inselkammerstrasse 4 Fax: +49 (0)89 614551-10 82008 Unterhaching Web: www.iteratec.de Sitz und Registergericht der iteratec GmbH: München HRB 113 519 Geschäftsführer: Klaus Eberhardt, Mark Goerke, Inge Hanschke, Ralf Menzel - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Mit freundlichen Grüßen, Jürgen Lind -- Dr. Jürgen Lind iteratec GmbHFon: +49 (0)89 614551-44 Inselkammerstrasse 4 Fax: +49 (0)89 614551-10 82008 Unterhaching Web: www.iteratec.de Sitz und Registergericht der iteratec GmbH: München HRB 113 519 Geschäftsführer: Klaus Eberhardt, Mark Goerke, Inge Hanschke, Ralf Menzel - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Mit freundlichen Grüßen, Jürgen Lind -- Dr. Jürgen Lind iteratec GmbHFon: +49 (0)89 614551-44 Inselkammerstrasse 4 Fax: +49 (0)89 614551-10 82008 Unterhaching Web: www.iteratec.de Sitz und Registergericht der iteratec GmbH: München HRB 113 519 Geschäftsführer: Klaus Eberhardt, Mark Goerke, Inge Hanschke, Ralf Menzel - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional
Re: Session Creation Problem
Hi, thanks again for your help, replacing the form by the stateless form has done the job as I could verify by lowering the http session timeout. What I still do not fully understand is why the error has now disappeared because still a full http session is created as I can see from the Tomcat Management Console. Anyway, perhaps I will take me some time to figure it out by looking into the source... Thanks, J. Igor Vaynberg wrote: once the wicket sesson object is bound (stored in httpsesson) their lifecycles are the same. it is httpsession timing out that causes page expired errors. -igor On Fri, Jun 20, 2008 at 9:08 AM, Jürgen Lind [EMAIL PROTECTED] wrote: Hi Igor, thanks for your support. Still I am a bit confused about the two types of sessions we are dealing with: as far as I understood, there is a wicket session that is stored within the http session of the container. Now, which session is responsible for the Page Expired situations? The Wicket session or the http session? If it would be the http session then it should not matter whether a wicket session is created or not as long as the wicket session is not bound to a http session, right? BTW: for not wasting your time, any links to documentation on the matter would be great as well. I looked through the wicket docs but did not find anything relevant. Cheers, J. Igor Vaynberg wrote: wicket will create session instances for every request if there is no session stored in httpsession. the session is stored into httpsession only when the user encounters a stateful page. i am guessing that since you changed the form to stateless the page itself is no longer stateful and so wicket will not save it into session, thus it creates an interim session for the duration of the request. if you want to manually bind the session then call bind() on it. -igor On Fri, Jun 20, 2008 at 8:43 AM, Jürgen Lind [EMAIL PROTECTED] wrote: Hi, I tried using a stateless form for the Login page, but it seems that a new session is created before the page is even called. I inserted a stacktrack output in the constructor of my Wicket-Session (which happens to be s subclass of AuthenticatedWebSession) and that trace shows me that AuthenticatedWebApplication.newSession is called by wicket somewhere in the application lifecycle. I can reproduce the behavior by adding a logout link that invalidates the current session and redirects to the Homepage (implying a redirect to the Login page). Again, a new session is created immediately by wicket. Any clues? J. Igor Vaynberg wrote: use a stateless form -igor On Fri, Jun 20, 2008 at 1:21 AM, Jürgen Lind [EMAIL PROTECTED] wrote: Hi, I am facing a little annoyance in conjunction with session creation that I have been unable to fix until now: 1. My pages are guarded using MetaDataRoleAuthorizationStrategy 2. When the homepage is opened, the user is redirected to the Login page 3. Now, if the user does not fill out the form immediately but waits very long, a Page Expired error is thrown when the form is submitted As I said, this is not a big problem but rather an annoyance that I would like to have fixed. Can anybody tell me what the problem is? I assume that a session is created immediately when the user opens the home page. How can I avoid this behavior? Kind Regards, Jürgen -- Dr. Jürgen Lind iteratec GmbHFon: +49 (0)89 614551-44 Inselkammerstrasse 4 Fax: +49 (0)89 614551-10 82008 Unterhaching Web: www.iteratec.de Sitz und Registergericht der iteratec GmbH: München HRB 113 519 Geschäftsführer: Klaus Eberhardt, Mark Goerke, Inge Hanschke, Ralf Menzel - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Mit freundlichen Grüßen, Jürgen Lind -- Dr. Jürgen Lind iteratec GmbHFon: +49 (0)89 614551-44 Inselkammerstrasse 4 Fax: +49 (0)89 614551-10 82008 Unterhaching Web: www.iteratec.de Sitz und Registergericht der iteratec GmbH: München HRB 113 519 Geschäftsführer: Klaus Eberhardt, Mark Goerke, Inge Hanschke, Ralf Menzel - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Mit freundlichen Grüßen, Jürgen Lind -- Dr. Jürgen Lind iteratec GmbHFon: +49 (0)89 614551-44 Inselkammerstrasse 4 Fax: +49 (0)89 614551-10 82008 Unterhaching Web: www.iteratec.de Sitz und Registergericht der iteratec GmbH: München HRB 113 519 Geschäftsführer: Klaus Eberhardt, Mark
Re: Session Creation Problem
stateless form generates a bookmarkable action url so the page instance is recreated when the form submits rather then pulled from session. -igor On Fri, Jun 20, 2008 at 1:12 PM, Jürgen Lind [EMAIL PROTECTED] wrote: Hi, thanks again for your help, replacing the form by the stateless form has done the job as I could verify by lowering the http session timeout. What I still do not fully understand is why the error has now disappeared because still a full http session is created as I can see from the Tomcat Management Console. Anyway, perhaps I will take me some time to figure it out by looking into the source... Thanks, J. Igor Vaynberg wrote: once the wicket sesson object is bound (stored in httpsesson) their lifecycles are the same. it is httpsession timing out that causes page expired errors. -igor On Fri, Jun 20, 2008 at 9:08 AM, Jürgen Lind [EMAIL PROTECTED] wrote: Hi Igor, thanks for your support. Still I am a bit confused about the two types of sessions we are dealing with: as far as I understood, there is a wicket session that is stored within the http session of the container. Now, which session is responsible for the Page Expired situations? The Wicket session or the http session? If it would be the http session then it should not matter whether a wicket session is created or not as long as the wicket session is not bound to a http session, right? BTW: for not wasting your time, any links to documentation on the matter would be great as well. I looked through the wicket docs but did not find anything relevant. Cheers, J. Igor Vaynberg wrote: wicket will create session instances for every request if there is no session stored in httpsession. the session is stored into httpsession only when the user encounters a stateful page. i am guessing that since you changed the form to stateless the page itself is no longer stateful and so wicket will not save it into session, thus it creates an interim session for the duration of the request. if you want to manually bind the session then call bind() on it. -igor On Fri, Jun 20, 2008 at 8:43 AM, Jürgen Lind [EMAIL PROTECTED] wrote: Hi, I tried using a stateless form for the Login page, but it seems that a new session is created before the page is even called. I inserted a stacktrack output in the constructor of my Wicket-Session (which happens to be s subclass of AuthenticatedWebSession) and that trace shows me that AuthenticatedWebApplication.newSession is called by wicket somewhere in the application lifecycle. I can reproduce the behavior by adding a logout link that invalidates the current session and redirects to the Homepage (implying a redirect to the Login page). Again, a new session is created immediately by wicket. Any clues? J. Igor Vaynberg wrote: use a stateless form -igor On Fri, Jun 20, 2008 at 1:21 AM, Jürgen Lind [EMAIL PROTECTED] wrote: Hi, I am facing a little annoyance in conjunction with session creation that I have been unable to fix until now: 1. My pages are guarded using MetaDataRoleAuthorizationStrategy 2. When the homepage is opened, the user is redirected to the Login page 3. Now, if the user does not fill out the form immediately but waits very long, a Page Expired error is thrown when the form is submitted As I said, this is not a big problem but rather an annoyance that I would like to have fixed. Can anybody tell me what the problem is? I assume that a session is created immediately when the user opens the home page. How can I avoid this behavior? Kind Regards, Jürgen -- Dr. Jürgen Lind iteratec GmbHFon: +49 (0)89 614551-44 Inselkammerstrasse 4 Fax: +49 (0)89 614551-10 82008 Unterhaching Web: www.iteratec.de Sitz und Registergericht der iteratec GmbH: München HRB 113 519 Geschäftsführer: Klaus Eberhardt, Mark Goerke, Inge Hanschke, Ralf Menzel - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Mit freundlichen Grüßen, Jürgen Lind -- Dr. Jürgen Lind iteratec GmbHFon: +49 (0)89 614551-44 Inselkammerstrasse 4 Fax: +49 (0)89 614551-10 82008 Unterhaching Web: www.iteratec.de Sitz und Registergericht der iteratec GmbH: München HRB 113 519 Geschäftsführer: Klaus Eberhardt, Mark Goerke, Inge Hanschke, Ralf Menzel - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: