Re: custom expired page
there is no way in j2ee spec to determine if a previous session
existed. page expiration is an artifact of using wicket and if you use
stateful links you can determine it. if you use bookmarkable links
then you cannot.
-igor
On Mon, Apr 27, 2009 at 1:34 PM, alec wrote:
> maybe i should move away from the notion of a page. is there some way to
> determine if the session expired then? replacing all those
> BookmarkablePageLink's with normal links isn't an ideal solution. it'd be
> enough if at the login page there was something i could check that would
> tell me the session had expired.
>
> Matej Knopp wrote:
>>
>> If you use bookmarkable link then it's proper behavior.
>>
>> Bookmarkable link creates new page instance. It will never give you
>> expired error.
>>
>> -Matej
>>
>> On Mon, Apr 27, 2009 at 9:50 PM, alec wrote:
>>
>>>
>>> are you referring to the java code i write for the link?
>>>
>>> it'd be something like:
>>> add(new BookmarkablePageLink("home", Application.get().getHomePage());
>>>
>>> it's not something special about the link which causes it to redirect to
>>> the
>>> login page, it's that the homepage class (and several others) requires
>>> the
>>> user to have a certain role to instantiate it.
>>>
>>>
>>> Matej Knopp wrote:
>>>
can you paste here a link that redirects to login page?
-Matej
On Mon, Apr 27, 2009 at 9:39 PM, alec wrote:
>
> sorry if that sounded confusing, but it's not the expiredpage that
> requires
> authorization, it's the destination of the link that was clicked.
>
> e.g. the user clicks the link to home (which requires authorization)
> and
> instead of getting the expired page they get the login page.
>
> Igor Vaynberg wrote:
>
>
>>
>> make your ExpiredPage not require authorization/authentication
>>
>> -igor
>>
>> On Mon, Apr 27, 2009 at 12:32 PM, alec
>> wrote:
>>
>>
>>
>>>
>>> We have a wicket 1.3.5 application and are having trouble redirecting
>>> to
>>> an
>>> expired page if the user clicks on a link after the session expired.
>>> in
>>> our
>>> application's init method we have the call
>>> getApplicationSettings().setPageExpiredErrorPage(ExpiredPage.class);
>>> and this works if they click on a normal link after the session has
>>> been
>>> expired, but we're also using the AuthorizeInstantiation annotations
>>> (from
>>> wicket-auth-roles) on several pages that forces a logged in user to
>>> have
>>> a
>>> certain role to access the page or be redirected to the login page.
>>> Our
>>> problem is that if the session expired then the user gets redirected
>>> to
>>> the
>>> login page because of an unauthorized instantiation instead of being
>>> redirected to the expired page.
>>> Is there some way to work around this, or is there a way to determine
>>> if
>>> the
>>> session had expired on the login page so we could display a message
>>> there?
>>>
>>> -
>>> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
>>> For additional commands, e-mail: users-h...@wicket.apache.org
>>>
>>>
>>>
>>>
>>>
>>
>> -
>> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
>> For additional commands, e-mail: users-h...@wicket.apache.org
>>
>>
>>
>>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
> For additional commands, e-mail: users-h...@wicket.apache.org
>
>
>
>
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
>>>
>>> -
>>> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
>>> For additional commands, e-mail: users-h...@wicket.apache.org
>>>
>>>
>>>
>>
>> -
>> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
>> For additional commands, e-mail: users-h...@wicket.apache.org
>>
>>
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
> For additional commands, e-mail: users-h...@wicket.apache.org
>
>
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
Re: custom expired page
maybe i should move away from the notion of a page. is there some way
to determine if the session expired then? replacing all those
BookmarkablePageLink's with normal links isn't an ideal solution. it'd
be enough if at the login page there was something i could check that
would tell me the session had expired.
Matej Knopp wrote:
If you use bookmarkable link then it's proper behavior.
Bookmarkable link creates new page instance. It will never give you
expired error.
-Matej
On Mon, Apr 27, 2009 at 9:50 PM, alec wrote:
are you referring to the java code i write for the link?
it'd be something like:
add(new BookmarkablePageLink("home", Application.get().getHomePage());
it's not something special about the link which causes it to redirect to the
login page, it's that the homepage class (and several others) requires the
user to have a certain role to instantiate it.
Matej Knopp wrote:
can you paste here a link that redirects to login page?
-Matej
On Mon, Apr 27, 2009 at 9:39 PM, alec wrote:
sorry if that sounded confusing, but it's not the expiredpage that
requires
authorization, it's the destination of the link that was clicked.
e.g. the user clicks the link to home (which requires authorization) and
instead of getting the expired page they get the login page.
Igor Vaynberg wrote:
make your ExpiredPage not require authorization/authentication
-igor
On Mon, Apr 27, 2009 at 12:32 PM, alec
wrote:
We have a wicket 1.3.5 application and are having trouble redirecting
to
an
expired page if the user clicks on a link after the session expired.
in
our
application's init method we have the call
getApplicationSettings().setPageExpiredErrorPage(ExpiredPage.class);
and this works if they click on a normal link after the session has
been
expired, but we're also using the AuthorizeInstantiation annotations
(from
wicket-auth-roles) on several pages that forces a logged in user to
have
a
certain role to access the page or be redirected to the login page.
Our
problem is that if the session expired then the user gets redirected to
the
login page because of an unauthorized instantiation instead of being
redirected to the expired page.
Is there some way to work around this, or is there a way to determine
if
the
session had expired on the login page so we could display a message
there?
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
Re: custom expired page
Like because your expired page requires the role. Remove the role annotation. - Brill Pappin On 27-Apr-09, at 3:32 PM, alec wrote: We have a wicket 1.3.5 application and are having trouble redirecting to an expired page if the user clicks on a link after the session expired. in our application's init method we have the call getApplicationSettings().setPageExpiredErrorPage(ExpiredPage.class); and this works if they click on a normal link after the session has been expired, but we're also using the AuthorizeInstantiation annotations (from wicket-auth-roles) on several pages that forces a logged in user to have a certain role to access the page or be redirected to the login page. Our problem is that if the session expired then the user gets redirected to the login page because of an unauthorized instantiation instead of being redirected to the expired page. Is there some way to work around this, or is there a way to determine if the session had expired on the login page so we could display a message there? - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: custom expired page
If you use bookmarkable link then it's proper behavior.
Bookmarkable link creates new page instance. It will never give you
expired error.
-Matej
On Mon, Apr 27, 2009 at 9:50 PM, alec wrote:
> are you referring to the java code i write for the link?
>
> it'd be something like:
> add(new BookmarkablePageLink("home", Application.get().getHomePage());
>
> it's not something special about the link which causes it to redirect to the
> login page, it's that the homepage class (and several others) requires the
> user to have a certain role to instantiate it.
>
>
> Matej Knopp wrote:
>>
>> can you paste here a link that redirects to login page?
>>
>> -Matej
>>
>> On Mon, Apr 27, 2009 at 9:39 PM, alec wrote:
>>
>>>
>>> sorry if that sounded confusing, but it's not the expiredpage that
>>> requires
>>> authorization, it's the destination of the link that was clicked.
>>>
>>> e.g. the user clicks the link to home (which requires authorization) and
>>> instead of getting the expired page they get the login page.
>>>
>>> Igor Vaynberg wrote:
>>>
make your ExpiredPage not require authorization/authentication
-igor
On Mon, Apr 27, 2009 at 12:32 PM, alec
wrote:
>
> We have a wicket 1.3.5 application and are having trouble redirecting
> to
> an
> expired page if the user clicks on a link after the session expired.
> in
> our
> application's init method we have the call
> getApplicationSettings().setPageExpiredErrorPage(ExpiredPage.class);
> and this works if they click on a normal link after the session has
> been
> expired, but we're also using the AuthorizeInstantiation annotations
> (from
> wicket-auth-roles) on several pages that forces a logged in user to
> have
> a
> certain role to access the page or be redirected to the login page.
> Our
> problem is that if the session expired then the user gets redirected to
> the
> login page because of an unauthorized instantiation instead of being
> redirected to the expired page.
> Is there some way to work around this, or is there a way to determine
> if
> the
> session had expired on the login page so we could display a message
> there?
>
> -
> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
> For additional commands, e-mail: users-h...@wicket.apache.org
>
>
>
>
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
>>>
>>> -
>>> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
>>> For additional commands, e-mail: users-h...@wicket.apache.org
>>>
>>>
>>>
>>
>> -
>> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
>> For additional commands, e-mail: users-h...@wicket.apache.org
>>
>>
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
> For additional commands, e-mail: users-h...@wicket.apache.org
>
>
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
Re: custom expired page
are you referring to the java code i write for the link?
it'd be something like:
add(new BookmarkablePageLink("home", Application.get().getHomePage());
it's not something special about the link which causes it to redirect to
the login page, it's that the homepage class (and several others)
requires the user to have a certain role to instantiate it.
Matej Knopp wrote:
can you paste here a link that redirects to login page?
-Matej
On Mon, Apr 27, 2009 at 9:39 PM, alec wrote:
sorry if that sounded confusing, but it's not the expiredpage that requires
authorization, it's the destination of the link that was clicked.
e.g. the user clicks the link to home (which requires authorization) and
instead of getting the expired page they get the login page.
Igor Vaynberg wrote:
make your ExpiredPage not require authorization/authentication
-igor
On Mon, Apr 27, 2009 at 12:32 PM, alec wrote:
We have a wicket 1.3.5 application and are having trouble redirecting to
an
expired page if the user clicks on a link after the session expired. in
our
application's init method we have the call
getApplicationSettings().setPageExpiredErrorPage(ExpiredPage.class);
and this works if they click on a normal link after the session has been
expired, but we're also using the AuthorizeInstantiation annotations
(from
wicket-auth-roles) on several pages that forces a logged in user to have
a
certain role to access the page or be redirected to the login page. Our
problem is that if the session expired then the user gets redirected to
the
login page because of an unauthorized instantiation instead of being
redirected to the expired page.
Is there some way to work around this, or is there a way to determine if
the
session had expired on the login page so we could display a message
there?
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
-
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
Re: custom expired page
can you paste here a link that redirects to login page? -Matej On Mon, Apr 27, 2009 at 9:39 PM, alec wrote: > sorry if that sounded confusing, but it's not the expiredpage that requires > authorization, it's the destination of the link that was clicked. > > e.g. the user clicks the link to home (which requires authorization) and > instead of getting the expired page they get the login page. > > Igor Vaynberg wrote: >> >> make your ExpiredPage not require authorization/authentication >> >> -igor >> >> On Mon, Apr 27, 2009 at 12:32 PM, alec wrote: >> >>> >>> We have a wicket 1.3.5 application and are having trouble redirecting to >>> an >>> expired page if the user clicks on a link after the session expired. in >>> our >>> application's init method we have the call >>> getApplicationSettings().setPageExpiredErrorPage(ExpiredPage.class); >>> and this works if they click on a normal link after the session has been >>> expired, but we're also using the AuthorizeInstantiation annotations >>> (from >>> wicket-auth-roles) on several pages that forces a logged in user to have >>> a >>> certain role to access the page or be redirected to the login page. Our >>> problem is that if the session expired then the user gets redirected to >>> the >>> login page because of an unauthorized instantiation instead of being >>> redirected to the expired page. >>> Is there some way to work around this, or is there a way to determine if >>> the >>> session had expired on the login page so we could display a message >>> there? >>> >>> - >>> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org >>> For additional commands, e-mail: users-h...@wicket.apache.org >>> >>> >>> >> >> - >> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org >> For additional commands, e-mail: users-h...@wicket.apache.org >> >> > > > - > To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org > For additional commands, e-mail: users-h...@wicket.apache.org > > - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: custom expired page
sorry if that sounded confusing, but it's not the expiredpage that requires authorization, it's the destination of the link that was clicked. e.g. the user clicks the link to home (which requires authorization) and instead of getting the expired page they get the login page. Igor Vaynberg wrote: make your ExpiredPage not require authorization/authentication -igor On Mon, Apr 27, 2009 at 12:32 PM, alec wrote: We have a wicket 1.3.5 application and are having trouble redirecting to an expired page if the user clicks on a link after the session expired. in our application's init method we have the call getApplicationSettings().setPageExpiredErrorPage(ExpiredPage.class); and this works if they click on a normal link after the session has been expired, but we're also using the AuthorizeInstantiation annotations (from wicket-auth-roles) on several pages that forces a logged in user to have a certain role to access the page or be redirected to the login page. Our problem is that if the session expired then the user gets redirected to the login page because of an unauthorized instantiation instead of being redirected to the expired page. Is there some way to work around this, or is there a way to determine if the session had expired on the login page so we could display a message there? - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
Re: custom expired page
make your ExpiredPage not require authorization/authentication -igor On Mon, Apr 27, 2009 at 12:32 PM, alec wrote: > We have a wicket 1.3.5 application and are having trouble redirecting to an > expired page if the user clicks on a link after the session expired. in our > application's init method we have the call > getApplicationSettings().setPageExpiredErrorPage(ExpiredPage.class); > and this works if they click on a normal link after the session has been > expired, but we're also using the AuthorizeInstantiation annotations (from > wicket-auth-roles) on several pages that forces a logged in user to have a > certain role to access the page or be redirected to the login page. Our > problem is that if the session expired then the user gets redirected to the > login page because of an unauthorized instantiation instead of being > redirected to the expired page. > Is there some way to work around this, or is there a way to determine if the > session had expired on the login page so we could display a message there? > > - > To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org > For additional commands, e-mail: users-h...@wicket.apache.org > > - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
custom expired page
We have a wicket 1.3.5 application and are having trouble redirecting to an expired page if the user clicks on a link after the session expired. in our application's init method we have the call getApplicationSettings().setPageExpiredErrorPage(ExpiredPage.class); and this works if they click on a normal link after the session has been expired, but we're also using the AuthorizeInstantiation annotations (from wicket-auth-roles) on several pages that forces a logged in user to have a certain role to access the page or be redirected to the login page. Our problem is that if the session expired then the user gets redirected to the login page because of an unauthorized instantiation instead of being redirected to the expired page. Is there some way to work around this, or is there a way to determine if the session had expired on the login page so we could display a message there? - To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
