Hi all,
This question applies to Wicket 1.4.9.
I have an app where I have a Sign-in component (Panel) that is shown in
(almost) every page of the site. I'd like all the app to work over http, and
that form to work over https. Since the @RequireHttps annotation only works
on pages and not
Hi Igor, thank you for your response.
I tried what you pointed. The action URL in the form is correctly replaced,
since I can see it with Firebug. And even Wicket receives the request when
pressing the submit button, but it fails on validating required fields: it
does not receive the values,
Thank you Melinda for your response,
I didn't try that because, even when querystring (and therefore GET
parameters are too) is secured with SSL, there are some reasons that point
that it's a bad idea (look at the first answer at
Yes, the HttpsRequestCycleProcessor is doing a redirect from HTTPS to HTTP,
both using POST and GET methods (btw Melinda, as you pointed, this last
ones preserves the values as it was expected but I can not use this way...).
Is there anything I can do to avoid that? The
I use some secure pages annotated with @RequireHttps, but not all the pages
where the login panel will be. For example, the main page or the general
info page will be no secured, but the login panel will be there in both
pages. There are also other profile-dependent pages that are of course
full
Thank you all for your responses.
Yes, I was thinking about that. How could I achieve that?
I'd like to be able to access the form that generated the request through
the target parameter, but it's not visible. If I could, I'd determine if
it's an instance of my custom SecureForm class and
Hi all,
I think I finally have the solution, thanks everyone who guide me. Please
correct me if I'm missing something, I tested it quite well and everything
is OK. What I do is the following:
- I have my custom SecureForm class (inherits from Form), as I mentioned
before. It overrides the
By the way, now that it's done and supposing it's OK, wouldn't be a good idea
to include something like that in the trunk? Or maybe in an extension? Maybe
do the same with some links? It's just an idea, I'm surprised not a lot of
people had to lead with this.
--
View this message in context:
I localized an error in my solution: when validation fails, it enters an
infinite loop of redirects through:
[...]
if (this.isSecureFormRequest(target)) {
redirect = SwitchProtocolRequestTarget.requireProtocol(Protocol.HTTPS);
}
[...]
I don't know how to make it stop when validation fails
Hi all.
I've been dealing with this and I don't have a working solution yet. The
problem that my previously posted solution had is that when the form
validation fails, it falls into an infinite redirect loop.
Playing with my custom HttpsRequestCycleProcessor all I have achieved is to
make it
Hi Ernesto and others,
Yes that's what I mentioned before, I'm able to do what you say, or to
redirect to the HTTP page but not showing the validation errors, but not
both HTTP and show errors.
By the way, if you check for secureForm.hasError(), will it catch a
situation where there's not
Hi Ernesto,
I tried your code and it's working for me, just with one issue I mention at
the end of this post. I had to make just 3 modifications: the method
resolve() stays like this:
public IRequestTarget resolve(RequestCycle rc, RequestParameters rp)
{
// if
Hi,
It does not work for me. For correctly replace the ports I had to modify a
bit the SecureForm code, leaving it as follows:
@Override
protected void onComponentTag(ComponentTag tag) {
super.onComponentTag(tag);
String action = tag.getAttribute(action);
I'm using:
add(CSSPackageResource.getHeaderContribution(styles/main/layout.css));
literally as I have just written.
--
View this message in context:
http://apache-wicket.1842946.n4.nabble.com/SSL-Links-and-buttons-tp3001634p3015516.html
Sent from the Users forum mailing list archive at
What about using Page#getString(String key) method? If you have your
.properties files with language suffixes (e.g. MyPage_en.properties,
MyPage_es.properties, MyPage_fr.properties) Wicket will automatically
retrieve the String resource from the properties file of the session
language.
-
15 matches
Mail list logo
