Re: [Wicket-user] SSL Handoff in Wicket - Solved
Hi Igor, Many thanks Igor, that solves our issue. Regards Dipu - Original Message - From: Igor Vaynberg To: wicket-user@lists.sourceforge.net Sent: Wednesday, August 02, 2006 5:17 PM Subject: Re: [Wicket-user] SSL Handoff in Wicket you can write your own request coding strategy that looks something like thismystrategy.encode(requestcycle, target) {private boolean gotossl=false;if (target instanceof ListerInterfaceRequestTarget) { listenertarget=(ListerInterfaceRqeuestTarget)target; if (listenertarget.getpage() has @SSL annotationnot in ssl mode) { gotossl=true; } }CharSequence orig= super.encode(requestcycle, target); return (gotossl)?orig+"gotossl=true":orig;}hope this gets you started-IgorOn 8/2/06, Dipu [EMAIL PROTECTED] wrote: Hi Eelco,Thanks for your response, but if you read the rest of the email you will seethat the solutions proposed on themailing list and on the wiki are not appropriate.We are just about to go live and this is the last issue so we would appreciate some help.RegardsDipu- Original Message -From: "Eelco Hillenius" [EMAIL PROTECTED]To: wicket-user@lists.sourceforge.netSent: Wednesday, August 02, 2006 4:36 PMSubject: Re: [Wicket-user] SSL Handoff in WicketI haven't read you whole message, but did you search through the mailing lists as well? I think there was a thread on this just last week. http://woogle.billen.dk/search/q/SSL Eelco On 8/2/06, Dipu [EMAIL PROTECTED] wrote: Hi All, We are trying setup a suitable switch to SSL method for our Wicket application. I have read the wiki page regarding SSL switching: http://www.wicket-wiki.org.uk/wiki/index.php/Switch_to_SSL_mode but this does not solve our problem. We have apache and mod_proxy in front of Tomcat. Our wicket application will be used on multiple domains, so we can't hard code the hostname into our application for SSL switching because that will depend on which domain name was used for the request. Getting our application to sense the calling hostname is also not appropriate because some users (a from a third party network) will be accessing the application by IP via a NAT'ed connection, so the hostname sensed by the Servlet would be incorrect. Also, we want the application to work from our internal network on the default Tomcat port of 8080. In short, we want Apache to handle SSL switching by redirecting (using mod_rewrite) to the SSL URL. Apache already knows the hostname(s) it is controlling, so no hard coding of hostnames in the application would required - far more versatile in our opinion. To get this to work properly however, an HTTP GET is required. Using the REDIRECT_TO_BUFFER RenderStrategy causes HTTP 302 redirects to a new friendly URL (via HTTP GET). This is perfect, except that apache can't tell the difference between pages that we wish to be secured, and those that we do not. So here's the question: Is it possible for us to modify the URL (perhaps by adding a GET parameter) generated for the HTTP 302 as generated by using the REDIRECT_TO_BUFFER RenderStrategy? I hope this makes sense! :) Kind regards, Dipu. - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user-Take Surveys. Earn Cash. Influence the Future of ITJoin SourceForge.net 's Techsay panel and you'll get the chance to share youropinions on IT business topics through brief surveys -- and earn cashhttp://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV___Wicket-user mailing listWicket-user@lists.sourceforge.net https://lists.s
[Wicket-user] SSL Handoff in Wicket
Hi All,We are trying setup a suitable switch to SSL method for our Wicket application. I have read the wiki page regarding SSL switching:http://www.wicket-wiki.org.uk/wiki/index.php/Switch_to_SSL_modebut this does not solve our problem. We have apache and mod_proxy in front of Tomcat. Our wicket application will be used on multiple domains, so we can't hard code the hostname into our application for SSL switching because that will depend on which domain name was used for the request. Getting our application to sense the calling hostname is also not appropriate because some users (a from a third party network) will be accessing the application by IP via a NAT'ed connection, so the hostname sensed by the Servlet would be incorrect.Also, we want the application to work from our internal network on the default Tomcat port of 8080.In short, we want Apache to handle SSL switching by redirecting (using mod_rewrite) to the SSL URL. Apache already knows the hostname(s) it is controlling, so no hard coding of hostnames in the application would required - far more versatile in our opinion.To get this to work properly however, an HTTP GET is required. Using the REDIRECT_TO_BUFFER RenderStrategy causes HTTP 302 redirects to a new friendly URL (via HTTP GET). This is perfect, except that apache can't tell the difference between pages that we wish to be secured, and those that we do not. So here's the question:Is it possible for us to modify the URL (perhaps by adding a GET parameter) generated for the HTTP 302 as generated by using the REDIRECT_TO_BUFFER RenderStrategy?I hope this makes sense! :)Kind regards,Dipu. - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
Re: [Wicket-user] SSL Handoff in Wicket
I haven't read you whole message, but did you search through the mailing lists as well? I think there was a thread on this just last week. http://woogle.billen.dk/search/q/SSL Eelco On 8/2/06, Dipu [EMAIL PROTECTED] wrote: Hi All, We are trying setup a suitable switch to SSL method for our Wicket application. I have read the wiki page regarding SSL switching: http://www.wicket-wiki.org.uk/wiki/index.php/Switch_to_SSL_mode but this does not solve our problem. We have apache and mod_proxy in front of Tomcat. Our wicket application will be used on multiple domains, so we can't hard code the hostname into our application for SSL switching because that will depend on which domain name was used for the request. Getting our application to sense the calling hostname is also not appropriate because some users (a from a third party network) will be accessing the application by IP via a NAT'ed connection, so the hostname sensed by the Servlet would be incorrect. Also, we want the application to work from our internal network on the default Tomcat port of 8080. In short, we want Apache to handle SSL switching by redirecting (using mod_rewrite) to the SSL URL. Apache already knows the hostname(s) it is controlling, so no hard coding of hostnames in the application would required - far more versatile in our opinion. To get this to work properly however, an HTTP GET is required. Using the REDIRECT_TO_BUFFER RenderStrategy causes HTTP 302 redirects to a new friendly URL (via HTTP GET). This is perfect, except that apache can't tell the difference between pages that we wish to be secured, and those that we do not. So here's the question: Is it possible for us to modify the URL (perhaps by adding a GET parameter) generated for the HTTP 302 as generated by using the REDIRECT_TO_BUFFER RenderStrategy? I hope this makes sense! :) Kind regards, Dipu. - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user