Re: [Wicket-user] ssl, roles and authorization
Solution found. Within the newRequestCycleProcessor() method of the MyAuthenticatedWebApplication class I caught the exception thrown by the IRequestTarget respond method. protected IRequestCycleProcessor newRequestCycleProcessor() { return new DefaultWebRequestCycleProcessor() { protected IResponseStrategy newResponseStrategy() { return new IResponseStrategy() { public void respond(RequestCycle requestCycle) { IRequestTarget requestTarget = requestCycle.getRequestTarget(); if(requestTarget != null) { Application.get().logResponseTarget(requestTarget); WebRequest webRequest = (WebRequest)requestCycle.getRequest(); WebResponse webResponse = (WebResponse)requestCycle.getResponse(); HttpServletRequest httpServletRequest = webRequest.getHttpServletRequest(); Class pageClass = null; if(requestTarget instanceof IPageRequestTarget) { IPageRequestTarget pageTarget = (IPageRequestTarget)requestTarget; pageClass = pageTarget.getPage().getClass(); } else if(requestTarget instanceof IBookmarkablePageRequestTarget) { IBookmarkablePageRequestTarget bookmarkableTarget = (IBookmarkablePageRequestTarget)requestTarget; pageClass = bookmarkableTarget.getPageClass(); } if(pageClass != null && !httpServletRequest.isSecure() && pageClass.isAnnotationPresent(RequiredSSL.class)) { StringBuffer url = new StringBuffer((new StringBuilder()).append("https://";).append(httpServletRequest.getServerName()).toString()); url.append(":8443"); String q = RequestCycle.get().urlFor(requestTarget).toString(); url.append(q); webResponse.redirect(url.toString()); } else if(pageClass != null && httpServletRequest.isSecure() && !pageClass.isAnnotationPresent(RequiredSSL.class)) { StringBuffer url = new StringBuffer((new StringBuilder()).append("http://";).append(httpServletRequest.getServerName()).toString()); String q = RequestCycle.get().urlFor(requestTarget).toString(); url.append(q); webResponse.redirect(url.toString()); } try{ requestTarget.respond(requestCycle); }catch(Exception e){ logger.debug("Error caught: "+e); } } } }; } }; } } It's more of a hack than an elegant solution. It would be nice for the designers to release a robust example of SSL working with roles and authorization. wired wrote: > > Hi > > I'm trying to mix authentication using annotations and SSL, but I'm having > problems. > > I am simply using the code found in the auth-roles-examples (1.2.1) and I > have made some changes using the "Switch to SSL" example > (http://www.wicket-wiki.org.uk/wiki/index.php/Switch_to_SSL_mode) > > If I try to access a page that requires me to sign in, and I am redirected > to the MySignInPage to which I have added the annotation @RequiredSSL, an > exception is thrown which is caused by: > > wicket.WicketRuntimeException: Already redirecting to > 'https://localhost:8443/wirap/authentication?wicket:interface=:1::'. > Cannot redirect more than once > > Now I have verified that the @RequiredSSL annotation works. It only fails > when I try to access a page that requires authorization and I'm redirected > to the login page over SSL. > > Does anyone have any solutions? > > Many thanks in advance! > -- View this message in context: http://www.nabble.com/ssl%2C-roles-and-authorization-tf2087198.html#a5762945 Sent from the Wicket - User forum at Nabble.com. - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
Re: [Wicket-user] SSL Handoff in Wicket - Solved
Hi Igor, Many thanks Igor, that solves our issue. Regards Dipu - Original Message - From: Igor Vaynberg To: wicket-user@lists.sourceforge.net Sent: Wednesday, August 02, 2006 5:17 PM Subject: Re: [Wicket-user] SSL Handoff in Wicket you can write your own request coding strategy that looks something like thismystrategy.encode(requestcycle, target) { private boolean gotossl=false; if (target instanceof ListerInterfaceRequestTarget) { listenertarget=(ListerInterfaceRqeuestTarget)target; if (listenertarget.getpage() has @SSL annotation&¬ in ssl mode) { gotossl=true; } }CharSequence orig= super.encode(requestcycle, target); return (gotossl)?orig+"&gotossl=true":orig;}hope this gets you started-IgorOn 8/2/06, Dipu <[EMAIL PROTECTED]> wrote: Hi Eelco,Thanks for your response, but if you read the rest of the email you will seethat the solutions proposed on themailing list and on the wiki are not appropriate.We are just about to go live and this is the last issue so we would appreciate some help.RegardsDipu- Original Message -From: "Eelco Hillenius" <[EMAIL PROTECTED]>To: < wicket-user@lists.sourceforge.net>Sent: Wednesday, August 02, 2006 4:36 PMSubject: Re: [Wicket-user] SSL Handoff in Wicket>I haven't read you whole message, but did you search through the> mailing lists as well? I think there was a thread on this just last> week.>> http://woogle.billen.dk/search/q/SSL>> Eelco>>> On 8/2/06, Dipu <[EMAIL PROTECTED]> wrote:>>>>>> Hi All,>>>>>> We are trying setup a suitable switch to SSL method for our Wicket >> application. I have read the wiki page regarding SSL switching:>> http://www.wicket-wiki.org.uk/wiki/index.php/Switch_to_SSL_mode >>>> but this does not solve our problem. We have apache and mod_proxy in>> front of Tomcat. Our wicket application will be used on multiple>> domains, so we can't hard code the hostname into our application for SSL >> switching because that will depend on which domain name was used for>> the request. Getting our application to sense the calling hostname is>> also not appropriate because some users (a from a third party network) >> will be accessing the application by IP via a NAT'ed connection, so the>> hostname sensed by the Servlet would be incorrect.>>>> Also, we want the application to work from our internal network on the >> default Tomcat port of 8080.>>>> In short, we want Apache to handle SSL switching by redirecting (using>> mod_rewrite) to the SSL URL. Apache already knows the hostname(s) it is>> controlling, so no hard coding of hostnames in the application would>> required - far more versatile in our opinion.>>>> To get this to work properly however, an HTTP GET is required. Using the >> REDIRECT_TO_BUFFER RenderStrategy causes HTTP 302 redirects to a new>> friendly URL (via HTTP GET). This is perfect, except that apache can't>> tell the difference between pages that we wish to be secured, and those >> that we do not. So here's the question:>>>> Is it possible for us to modify the URL (perhaps by adding a GET>> parameter) generated for the HTTP 302 as generated by using the>> REDIRECT_TO_BUFFER RenderStrategy?>>>> I hope this makes sense! :)>>>> Kind regards,>>>> Dipu.>>>> - >> Take Surveys. Earn Cash. Influence the Future of IT>> Join SourceForge.net's Techsay panel and you'll get the chance to share>> your>> opinions on IT & business topics through brief surveys -- and earn cash >> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV>>>> ___ >> Wicket-user mailing list>> Wicket-user@lists.sourceforge.net>> https://lists.sourceforge.net/lists/listinfo/wicket-user >>>>>>>> -> Take Surveys. Earn Cash. Influence the Future of IT> Join SourceForge.net's Techsay panel and you'll get the chance to share > your> opinions on IT & business topics through brief surveys -- and earn cash> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
Re: [Wicket-user] SSL Handoff in Wicket
you can write your own request coding strategy that looks something like thismystrategy.encode(requestcycle, target) { private boolean gotossl=false; if (target instanceof ListerInterfaceRequestTarget) { listenertarget=(ListerInterfaceRqeuestTarget)target; if (listenertarget.getpage() has @SSL annotation&¬ in ssl mode) { gotossl=true; } }CharSequence orig= super.encode(requestcycle, target);return (gotossl)?orig+"&gotossl=true":orig;}hope this gets you started-IgorOn 8/2/06, Dipu <[EMAIL PROTECTED]> wrote: Hi Eelco,Thanks for your response, but if you read the rest of the email you will seethat the solutions proposed on themailing list and on the wiki are not appropriate.We are just about to go live and this is the last issue so we would appreciate some help.RegardsDipu- Original Message -From: "Eelco Hillenius" <[EMAIL PROTECTED]>To: < wicket-user@lists.sourceforge.net>Sent: Wednesday, August 02, 2006 4:36 PMSubject: Re: [Wicket-user] SSL Handoff in Wicket>I haven't read you whole message, but did you search through the > mailing lists as well? I think there was a thread on this just last> week.>> http://woogle.billen.dk/search/q/SSL>> Eelco> >> On 8/2/06, Dipu <[EMAIL PROTECTED]> wrote:>>>>>> Hi All,>>>>>> We are trying setup a suitable switch to SSL method for our Wicket >> application. I have read the wiki page regarding SSL switching:>> http://www.wicket-wiki.org.uk/wiki/index.php/Switch_to_SSL_mode >>>> but this does not solve our problem. We have apache and mod_proxy in>> front of Tomcat. Our wicket application will be used on multiple>> domains, so we can't hard code the hostname into our application for SSL >> switching because that will depend on which domain name was used for>> the request. Getting our application to sense the calling hostname is>> also not appropriate because some users (a from a third party network) >> will be accessing the application by IP via a NAT'ed connection, so the>> hostname sensed by the Servlet would be incorrect.>>>> Also, we want the application to work from our internal network on the >> default Tomcat port of 8080.>>>> In short, we want Apache to handle SSL switching by redirecting (using>> mod_rewrite) to the SSL URL. Apache already knows the hostname(s) it is >> controlling, so no hard coding of hostnames in the application would>> required - far more versatile in our opinion.>>>> To get this to work properly however, an HTTP GET is required. Using the >> REDIRECT_TO_BUFFER RenderStrategy causes HTTP 302 redirects to a new>> friendly URL (via HTTP GET). This is perfect, except that apache can't>> tell the difference between pages that we wish to be secured, and those >> that we do not. So here's the question:>>>> Is it possible for us to modify the URL (perhaps by adding a GET>> parameter) generated for the HTTP 302 as generated by using the >> REDIRECT_TO_BUFFER RenderStrategy?>>>> I hope this makes sense! :)>>>> Kind regards,>>>> Dipu.>>>> - >> Take Surveys. Earn Cash. Influence the Future of IT>> Join SourceForge.net's Techsay panel and you'll get the chance to share>> your>> opinions on IT & business topics through brief surveys -- and earn cash >> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV>>>> ___ >> Wicket-user mailing list>> Wicket-user@lists.sourceforge.net>> https://lists.sourceforge.net/lists/listinfo/wicket-user >>>>>>>> -> Take Surveys. Earn Cash. Influence the Future of IT> Join SourceForge.net's Techsay panel and you'll get the chance to share > your> opinions on IT & business topics through brief surveys -- and earn cash> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > ___> Wicket-user mailing list> Wicket-user@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/wicket-user-Take Surveys. Earn Cash. Influence the Future of ITJoin SourceForge.net 's Techsay panel and you'll get the chance to share youropinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV___Wicke
Re: [Wicket-user] SSL Handoff in Wicket
Hi Eelco, Thanks for your response, but if you read the rest of the email you will see that the solutions proposed on the mailing list and on the wiki are not appropriate. We are just about to go live and this is the last issue so we would appreciate some help. Regards Dipu - Original Message - From: "Eelco Hillenius" <[EMAIL PROTECTED]> To: Sent: Wednesday, August 02, 2006 4:36 PM Subject: Re: [Wicket-user] SSL Handoff in Wicket >I haven't read you whole message, but did you search through the > mailing lists as well? I think there was a thread on this just last > week. > > http://woogle.billen.dk/search/q/SSL > > Eelco > > > On 8/2/06, Dipu <[EMAIL PROTECTED]> wrote: >> >> >> Hi All, >> >> >> We are trying setup a suitable switch to SSL method for our Wicket >> application. I have read the wiki page regarding SSL switching: >> http://www.wicket-wiki.org.uk/wiki/index.php/Switch_to_SSL_mode >> >> but this does not solve our problem. We have apache and mod_proxy in >> front of Tomcat. Our wicket application will be used on multiple >> domains, so we can't hard code the hostname into our application for SSL >> switching because that will depend on which domain name was used for >> the request. Getting our application to sense the calling hostname is >> also not appropriate because some users (a from a third party network) >> will be accessing the application by IP via a NAT'ed connection, so the >> hostname sensed by the Servlet would be incorrect. >> >> Also, we want the application to work from our internal network on the >> default Tomcat port of 8080. >> >> In short, we want Apache to handle SSL switching by redirecting (using >> mod_rewrite) to the SSL URL. Apache already knows the hostname(s) it is >> controlling, so no hard coding of hostnames in the application would >> required - far more versatile in our opinion. >> >> To get this to work properly however, an HTTP GET is required. Using the >> REDIRECT_TO_BUFFER RenderStrategy causes HTTP 302 redirects to a new >> friendly URL (via HTTP GET). This is perfect, except that apache can't >> tell the difference between pages that we wish to be secured, and those >> that we do not. So here's the question: >> >> Is it possible for us to modify the URL (perhaps by adding a GET >> parameter) generated for the HTTP 302 as generated by using the >> REDIRECT_TO_BUFFER RenderStrategy? >> >> I hope this makes sense! :) >> >> Kind regards, >> >> Dipu. >> >> - >> Take Surveys. Earn Cash. Influence the Future of IT >> Join SourceForge.net's Techsay panel and you'll get the chance to share >> your >> opinions on IT & business topics through brief surveys -- and earn cash >> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV >> >> ___ >> Wicket-user mailing list >> Wicket-user@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/wicket-user >> >> >> > > - > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share > your > opinions on IT & business topics through brief surveys -- and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > ___ > Wicket-user mailing list > Wicket-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wicket-user - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
Re: [Wicket-user] SSL Handoff in Wicket
I haven't read you whole message, but did you search through the mailing lists as well? I think there was a thread on this just last week. http://woogle.billen.dk/search/q/SSL Eelco On 8/2/06, Dipu <[EMAIL PROTECTED]> wrote: > > > Hi All, > > > We are trying setup a suitable switch to SSL method for our Wicket > application. I have read the wiki page regarding SSL switching: > http://www.wicket-wiki.org.uk/wiki/index.php/Switch_to_SSL_mode > > but this does not solve our problem. We have apache and mod_proxy in > front of Tomcat. Our wicket application will be used on multiple > domains, so we can't hard code the hostname into our application for SSL > switching because that will depend on which domain name was used for > the request. Getting our application to sense the calling hostname is > also not appropriate because some users (a from a third party network) > will be accessing the application by IP via a NAT'ed connection, so the > hostname sensed by the Servlet would be incorrect. > > Also, we want the application to work from our internal network on the > default Tomcat port of 8080. > > In short, we want Apache to handle SSL switching by redirecting (using > mod_rewrite) to the SSL URL. Apache already knows the hostname(s) it is > controlling, so no hard coding of hostnames in the application would > required - far more versatile in our opinion. > > To get this to work properly however, an HTTP GET is required. Using the > REDIRECT_TO_BUFFER RenderStrategy causes HTTP 302 redirects to a new > friendly URL (via HTTP GET). This is perfect, except that apache can't > tell the difference between pages that we wish to be secured, and those > that we do not. So here's the question: > > Is it possible for us to modify the URL (perhaps by adding a GET > parameter) generated for the HTTP 302 as generated by using the > REDIRECT_TO_BUFFER RenderStrategy? > > I hope this makes sense! :) > > Kind regards, > > Dipu. > > - > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share your > opinions on IT & business topics through brief surveys -- and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > > ___ > Wicket-user mailing list > Wicket-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/wicket-user > > > - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
Re: [Wicket-user] SSL
Hi Johan , many thanks for the help. Regards Dipu - Original Message - From: Johan Compagner To: wicket-user@lists.sourceforge.net Sent: Monday, July 31, 2006 8:35 PM Subject: Re: [Wicket-user] SSL something like this:cycle.setRequestTarget(new IRequestTarget() { public void detach(RequestCycle requestCycle) { } public Object getLock(RequestCycle requestCycle) { return null; } public void respond(RequestCycle requestCycle) { // Redirect there cycle.getResponse().redirect("https://x/dsfsadf?x=y"); } }); On 7/31/06, Dipu <[EMAIL PROTECTED]> wrote: Hi Johan, Can you please give me an example on how to do redirect using IRequestTarget Thanks Dipu - Original Message - From: Johan Compagner To: wicket-user@lists.sourceforge.net Sent: Thursday, July 06, 2006 9:48 AM Subject: Re: [Wicket-user] SSL Redirect to a full url or use an ExternalLink (pointing to your own site but then with ssl)Do that redirect with a IRequestTarget.I don't know how you do it now but doing a redirect should always be donethrough request targets. johan On 7/6/06, Joe Toth <[EMAIL PROTECTED]> wrote: How can I implement a way switch over to https?Depending on how the user navigates I need to swich over to https froma form submit. Every time I try a different way to implement thistransparently I receive "Caused by: wicket.WicketRuntimeException:Already redirecting to '/app/Checkout'. Cannot redirect more thanonce"At first I tried to annotate a class with @RequiredSSL and created anew IResponseStrategy that would test if the request was secure, if not, WebResponse.redirect to the https version of the requested url.Second I tried to do the same in the constructor of my Base Class forall my pages and throw an AbortException, but I had the same problem. Any ideas?Also, are there any plans to add a https feature in 2.0 core or extensions?Thanks!Using Tomcat but need to do more? Need to support web services, security?Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimohttp://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___Wicket-user mailing listWicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user Using Tomcat but need to do more? Need to support web services, security?Get stuff done quickly with pre-integrated technology to make your job easierDownload IBM WebSphere Application Server v.1.0.1 based on Apache Geronimohttp://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___Wicket-user mailing listWicket-user@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/wicket-user -Take Surveys. Earn Cash. Influence the Future of ITJoin SourceForge.net's Techsay panel and you'll get the chance to share youropinions on IT & business topics through brief surveys -- and earn cashhttp://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV___Wicket-user mailing listWicket-user@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/wicket-user -Take Surveys. Earn Cash. Influence the Future of ITJoin SourceForge.net's Techsay panel and you'll get the chance to share youropinions on IT & business topics through brief surveys -- and earn cashhttp://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV ___Wicket-user mailing listWicket-user@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/wicket-user - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=s
Re: [Wicket-user] SSL
something like this:cycle.setRequestTarget(new IRequestTarget() { public void detach(RequestCycle requestCycle) { } public Object getLock(RequestCycle requestCycle) { return null; } public void respond(RequestCycle requestCycle) { // Redirect there cycle.getResponse().redirect("https://x/dsfsadf?x=y"); } });On 7/31/06, Dipu <[EMAIL PROTECTED]> wrote: Hi Johan, Can you please give me an example on how to do redirect using IRequestTarget Thanks Dipu - Original Message - From: Johan Compagner To: wicket-user@lists.sourceforge.net Sent: Thursday, July 06, 2006 9:48 AM Subject: Re: [Wicket-user] SSL Redirect to a full url or use an ExternalLink (pointing to your own site but then with ssl)Do that redirect with a IRequestTarget.I don't know how you do it now but doing a redirect should always be donethrough request targets. johan On 7/6/06, Joe Toth <[EMAIL PROTECTED]> wrote: How can I implement a way switch over to https?Depending on how the user navigates I need to swich over to https froma form submit. Every time I try a different way to implement thistransparently I receive "Caused by: wicket.WicketRuntimeException:Already redirecting to '/app/Checkout'. Cannot redirect more thanonce"At first I tried to annotate a class with @RequiredSSL and created anew IResponseStrategy that would test if the request was secure, if not, WebResponse.redirect to the https version of the requested url.Second I tried to do the same in the constructor of my Base Class forall my pages and throw an AbortException, but I had the same problem. Any ideas?Also, are there any plans to add a https feature in 2.0 core or extensions?Thanks!Using Tomcat but need to do more? Need to support web services, security?Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___Wicket-user mailing listWicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user Using Tomcat but need to do more? Need to support web services, security?Get stuff done quickly with pre-integrated technology to make your job easierDownload IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___Wicket-user mailing listWicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user -Take Surveys. Earn Cash. Influence the Future of ITJoin SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV___Wicket-user mailing list Wicket-user@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/wicket-user - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
Re: [Wicket-user] SSL
Hi Johan, Can you please give me an example on how to do redirect using IRequestTarget Thanks Dipu - Original Message - From: Johan Compagner To: wicket-user@lists.sourceforge.net Sent: Thursday, July 06, 2006 9:48 AM Subject: Re: [Wicket-user] SSL Redirect to a full url or use an ExternalLink (pointing to your own site but then with ssl)Do that redirect with a IRequestTarget.I don't know how you do it now but doing a redirect should always be donethrough request targets. johan On 7/6/06, Joe Toth <[EMAIL PROTECTED]> wrote: How can I implement a way switch over to https?Depending on how the user navigates I need to swich over to https froma form submit. Every time I try a different way to implement thistransparently I receive "Caused by: wicket.WicketRuntimeException:Already redirecting to '/app/Checkout'. Cannot redirect more thanonce"At first I tried to annotate a class with @RequiredSSL and created anew IResponseStrategy that would test if the request was secure, if not, WebResponse.redirect to the https version of the requested url.Second I tried to do the same in the constructor of my Base Class forall my pages and throw an AbortException, but I had the same problem. Any ideas?Also, are there any plans to add a https feature in 2.0 core or extensions?Thanks!Using Tomcat but need to do more? Need to support web services, security?Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimohttp://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___Wicket-user mailing listWicket-user@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/wicket-user Using Tomcat but need to do more? Need to support web services, security?Get stuff done quickly with pre-integrated technology to make your job easierDownload IBM WebSphere Application Server v.1.0.1 based on Apache Geronimohttp://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___Wicket-user mailing listWicket-user@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/wicket-user - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
Re: [Wicket-user] SSL
The code had a small little fix:There is an extra condition in the if condition: else if( pageClass != null && httpServletRequest.isSecure () && !isSecurityRequired ) {Using the ONE_PASS method rendering strategy everything works fine now. Did you have to do the same?Yes had to use the One pass rendering strategy else there was an error saying something about double calls. I dont remeber the actual error now.Shams - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
Re: [Wicket-user] SSL
Using the ONE_PASS method rendering strategy everything works fine now. Did you have to do the same?ThanksOn 7/10/06, [EMAIL PROTECTED] Imam <[EMAIL PROTECTED]> wrote: Hi,I had a similar problemI decided not to use that RequiredSSL method.Instead i maintain an array of page classes that require https and used the following code. It worked fine for me. Hope it helps you. protected IResponseStrategy newResponseStrategy() { return new IResponseStrategy() { @SuppressWarnings("unchecked") public void respond( RequestCycle requestCycle ) { IRequestTarget requestTarget = requestCycle.getRequestTarget(); if( requestTarget != null ) { Application.get().logResponseTarget( requestTarget ); WebRequest webRequest = (WebRequest) requestCycle.getRequest(); WebResponse webResponse = (WebResponse) requestCycle .getResponse(); HttpServletRequest httpServletRequest = webRequest .getHttpServletRequest(); Class pageClass = null; if( requestTarget instanceof IPageRequestTarget ) { IPageRequestTarget pageTarget = (IPageRequestTarget) requestTarget; pageClass = pageTarget.getPage().getClass(); } else if( requestTarget instanceof IBookmarkablePageRequestTarget ) { IBookmarkablePageRequestTarget bookmarkableTarget = (IBookmarkablePageRequestTarget) requestTarget; pageClass = bookmarkableTarget.getPageClass(); } boolean isSecurityRequired = false; if( pageClass != null ) { for( int i = 0; i < secureClasses.length && !isSecurityRequired; i++ ) { isSecurityRequired = secureClasses[i] .isAssignableFrom( pageClass ); } } if( pageClass != null && !httpServletRequest.isSecure() && isSecurityRequired ) { StringBuffer url = "" StringBuffer( "https://" + httpServletRequest.getServerName() ); url.append( ":" + getSslPortNumber() ); String q = RequestCycle.get().urlFor( requestTarget ) .toString(); url.append( q ); webResponse.redirect ( url.toString() ); } else if( httpServletRequest.isSecure() && !isSecurityRequired ) { StringBuffer url = "" StringBuffer( "http://" + httpServletRequest.getServerName() ); url.append( ":" + getNormalPortNumber() ); String q = RequestCycle.get().urlFor( requestTarget ) .toString(); url.append( q ); webResponse.redirect( url.toString() ); } else { requestTarget.respond( requestCycle ); } } }; }Shams. On 7/10/06, Johan Compagner <[EMAIL PROTECTED]> wrote: then you are doing the redirect wrong.How and when do you do the redirect??On 7/7/06, Joe Toth <[EMAIL PROTECTED] > wrote:Weird...I'm only getting the error in Jetty 6 (Beta17). wicket.WicketRuntimeException: Internal Error: Could not render error page class wicket.markup.html.pages.InternalErrorPage at wicket.request.compound.DefaultExceptionResponseStrategy.respond (DefaultExceptionResponseStrategy.java:109) at wicket.request.compound.AbstractCompoundRequestCycleProcessor.respond(AbstractCompoundRequestCycleProcessor.java:76) at wicket.RequestCycle.step(RequestCycle.java :1000) at wicket.RequestCycle.steps(RequestCycle.java:1034) at wicket.RequestCycle.request(RequestCycle.java:453) at wicket.protocol.http.WicketServlet.doGet(WicketServlet.java:215) at javax.servlet.http.HttpServlet.service (HttpServlet.java:747) at javax.servlet.http.HttpServlet.service(HttpServlet.java:860) at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:423) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter (ServletHandler.java:966) at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:174) at org.springframework.web.filter.OncePerRequestFilter.doFilter (OncePerRequestFilter.java:77) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:957) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:353) at org.mo
Re: [Wicket-user] SSL
Hi,I had a similar problemI decided not to use that RequiredSSL method.Instead i maintain an array of page classes that require https and used the following code. It worked fine for me. Hope it helps you. protected IResponseStrategy newResponseStrategy() { return new IResponseStrategy() { @SuppressWarnings("unchecked") public void respond( RequestCycle requestCycle ) { IRequestTarget requestTarget = requestCycle.getRequestTarget(); if( requestTarget != null ) { Application.get().logResponseTarget( requestTarget ); WebRequest webRequest = (WebRequest) requestCycle.getRequest(); WebResponse webResponse = (WebResponse) requestCycle .getResponse(); HttpServletRequest httpServletRequest = webRequest .getHttpServletRequest(); Class pageClass = null; if( requestTarget instanceof IPageRequestTarget ) { IPageRequestTarget pageTarget = (IPageRequestTarget) requestTarget; pageClass = pageTarget.getPage().getClass(); } else if( requestTarget instanceof IBookmarkablePageRequestTarget ) { IBookmarkablePageRequestTarget bookmarkableTarget = (IBookmarkablePageRequestTarget) requestTarget; pageClass = bookmarkableTarget.getPageClass(); } boolean isSecurityRequired = false; if( pageClass != null ) { for( int i = 0; i < secureClasses.length && !isSecurityRequired; i++ ) { isSecurityRequired = secureClasses[i] .isAssignableFrom( pageClass ); } } if( pageClass != null && !httpServletRequest.isSecure() && isSecurityRequired ) { StringBuffer url = "" StringBuffer( "https://" + httpServletRequest.getServerName() ); url.append( ":" + getSslPortNumber() ); String q = RequestCycle.get().urlFor( requestTarget ) .toString(); url.append( q ); webResponse.redirect ( url.toString() ); } else if( httpServletRequest.isSecure() && !isSecurityRequired ) { StringBuffer url = "" StringBuffer( "http://" + httpServletRequest.getServerName() ); url.append( ":" + getNormalPortNumber() ); String q = RequestCycle.get().urlFor( requestTarget ) .toString(); url.append( q ); webResponse.redirect( url.toString() ); } else { requestTarget.respond( requestCycle ); } } }; }Shams.On 7/10/06, Johan Compagner <[EMAIL PROTECTED]> wrote: then you are doing the redirect wrong.How and when do you do the redirect??On 7/7/06, Joe Toth <[EMAIL PROTECTED] > wrote:Weird...I'm only getting the error in Jetty 6 (Beta17). wicket.WicketRuntimeException: Internal Error: Could not render error page class wicket.markup.html.pages.InternalErrorPage at wicket.request.compound.DefaultExceptionResponseStrategy.respond (DefaultExceptionResponseStrategy.java:109) at wicket.request.compound.AbstractCompoundRequestCycleProcessor.respond(AbstractCompoundRequestCycleProcessor.java:76) at wicket.RequestCycle.step(RequestCycle.java :1000) at wicket.RequestCycle.steps(RequestCycle.java:1034) at wicket.RequestCycle.request(RequestCycle.java:453) at wicket.protocol.http.WicketServlet.doGet(WicketServlet.java:215) at javax.servlet.http.HttpServlet.service (HttpServlet.java:747) at javax.servlet.http.HttpServlet.service(HttpServlet.java:860) at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:423) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter (ServletHandler.java:966) at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:174) at org.springframework.web.filter.OncePerRequestFilter.doFilter (OncePerRequestFilter.java:77) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:957) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:353) at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:226) at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:567) at org.mortbay.jetty.handler.H
Re: [Wicket-user] SSL
then you are doing the redirect wrong.How and when do you do the redirect??On 7/7/06, Joe Toth <[EMAIL PROTECTED] > wrote:Weird...I'm only getting the error in Jetty 6 (Beta17). wicket.WicketRuntimeException: Internal Error: Could not render error page class wicket.markup.html.pages.InternalErrorPage at wicket.request.compound.DefaultExceptionResponseStrategy.respond (DefaultExceptionResponseStrategy.java:109) at wicket.request.compound.AbstractCompoundRequestCycleProcessor.respond(AbstractCompoundRequestCycleProcessor.java:76) at wicket.RequestCycle.step(RequestCycle.java :1000) at wicket.RequestCycle.steps(RequestCycle.java:1034) at wicket.RequestCycle.request(RequestCycle.java:453) at wicket.protocol.http.WicketServlet.doGet(WicketServlet.java:215) at javax.servlet.http.HttpServlet.service (HttpServlet.java:747) at javax.servlet.http.HttpServlet.service(HttpServlet.java:860) at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:423) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter (ServletHandler.java:966) at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:174) at org.springframework.web.filter.OncePerRequestFilter.doFilter (OncePerRequestFilter.java:77) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:957) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:353) at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:226) at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:567) at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java :126) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:119) at org.mortbay.jetty.Server.handle(Server.java:248) at org.mortbay.jetty.HttpConnection.handlerRequest(HttpConnection.java :360) at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:614) at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:487) at org.mortbay.jetty.HttpParser.parseAvailable (HttpParser.java:197) at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:288) at org.mortbay.jetty.nio.SelectChannelConnector$HttpChannelEndPoint.run(SelectChannelConnector.java:805) at org.mortbay.thread.BoundedThreadPool$PoolThread.run (BoundedThreadPool.java:475)Caused by: wicket.WicketRuntimeException: Already redirecting to 'https://localhost:8443/app '. Cannot redirect more than once at wicket.protocol.http.BufferedWebResponse.redirect (BufferedWebResponse.java:92) at wicket.protocol.http.WebRequestCycle.redirectTo(WebRequestCycle.java:225) at wicket.request.target.component.PageRequestTarget.respond(PageRequestTarget.java:60) at wicket.request.compound.DefaultResponseStrategy.respond (DefaultResponseStrategy.java:49) at wicket.request.compound.AbstractCompoundRequestCycleProcessor.respond(AbstractCompoundRequestCycleProcessor.java:66) at wicket.RequestCycle.respond(RequestCycle.java:905) at wicket.RequestCycle.step(RequestCycle.java:975) ... 23 moreOn 7/6/06, Johan Compagner < [EMAIL PROTECTED]> wrote:Redirect to a full url or use an ExternalLink (pointing to your own site but then with ssl)Do that redirect with a IRequestTarget.I don't know how you do it now but doing a redirect should always be donethrough request targets. johanOn 7/6/06, Joe Toth < [EMAIL PROTECTED]> wrote: How can I implement a way switch over to https?Depending on how the user navigates I need to swich over to https froma form submit. Every time I try a different way to implement thistransparently I receive "Caused by: wicket.WicketRuntimeException:Already redirecting to '/app/Checkout'. Cannot redirect more thanonce"At first I tried to annotate a class with @RequiredSSL and created anew IResponseStrategy that would test if the request was secure, if not, WebResponse.redirect to the https version of the requested url.Second I tried to do the same in the constructor of my Base Class forall my pages and throw an AbortException, but I had the same problem. Any ideas?Also, are there any plans to add a https feature in 2.0 core or extensions?Thanks!Using Tomcat but need to do more? Need to support web services, security?Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___Wicket-user mailing listWicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user Using Tomcat but need to do more? Need to support web services, security?Get stuff done quickly with pre-integrated technology to make your job easierDownload IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk
Re: [Wicket-user] SSL
Weird...I'm only getting the error in Jetty 6 (Beta17). wicket.WicketRuntimeException: Internal Error: Could not render error page class wicket.markup.html.pages.InternalErrorPage at wicket.request.compound.DefaultExceptionResponseStrategy.respond (DefaultExceptionResponseStrategy.java:109) at wicket.request.compound.AbstractCompoundRequestCycleProcessor.respond(AbstractCompoundRequestCycleProcessor.java:76) at wicket.RequestCycle.step(RequestCycle.java :1000) at wicket.RequestCycle.steps(RequestCycle.java:1034) at wicket.RequestCycle.request(RequestCycle.java:453) at wicket.protocol.http.WicketServlet.doGet(WicketServlet.java:215) at javax.servlet.http.HttpServlet.service (HttpServlet.java:747) at javax.servlet.http.HttpServlet.service(HttpServlet.java:860) at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:423) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter (ServletHandler.java:966) at org.springframework.orm.hibernate3.support.OpenSessionInViewFilter.doFilterInternal(OpenSessionInViewFilter.java:174) at org.springframework.web.filter.OncePerRequestFilter.doFilter (OncePerRequestFilter.java:77) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:957) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:353) at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:226) at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:567) at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java :126) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:119) at org.mortbay.jetty.Server.handle(Server.java:248) at org.mortbay.jetty.HttpConnection.handlerRequest(HttpConnection.java :360) at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:614) at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:487) at org.mortbay.jetty.HttpParser.parseAvailable (HttpParser.java:197) at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:288) at org.mortbay.jetty.nio.SelectChannelConnector$HttpChannelEndPoint.run(SelectChannelConnector.java:805) at org.mortbay.thread.BoundedThreadPool$PoolThread.run (BoundedThreadPool.java:475)Caused by: wicket.WicketRuntimeException: Already redirecting to 'https://localhost:8443/app'. Cannot redirect more than once at wicket.protocol.http.BufferedWebResponse.redirect (BufferedWebResponse.java:92) at wicket.protocol.http.WebRequestCycle.redirectTo(WebRequestCycle.java:225) at wicket.request.target.component.PageRequestTarget.respond(PageRequestTarget.java:60) at wicket.request.compound.DefaultResponseStrategy.respond (DefaultResponseStrategy.java:49) at wicket.request.compound.AbstractCompoundRequestCycleProcessor.respond(AbstractCompoundRequestCycleProcessor.java:66) at wicket.RequestCycle.respond(RequestCycle.java:905) at wicket.RequestCycle.step(RequestCycle.java:975) ... 23 moreOn 7/6/06, Johan Compagner < [EMAIL PROTECTED]> wrote:Redirect to a full url or use an ExternalLink (pointing to your own site but then with ssl)Do that redirect with a IRequestTarget.I don't know how you do it now but doing a redirect should always be donethrough request targets. johanOn 7/6/06, Joe Toth < [EMAIL PROTECTED]> wrote: How can I implement a way switch over to https?Depending on how the user navigates I need to swich over to https froma form submit. Every time I try a different way to implement thistransparently I receive "Caused by: wicket.WicketRuntimeException:Already redirecting to '/app/Checkout'. Cannot redirect more thanonce"At first I tried to annotate a class with @RequiredSSL and created anew IResponseStrategy that would test if the request was secure, if not, WebResponse.redirect to the https version of the requested url.Second I tried to do the same in the constructor of my Base Class forall my pages and throw an AbortException, but I had the same problem. Any ideas?Also, are there any plans to add a https feature in 2.0 core or extensions?Thanks!Using Tomcat but need to do more? Need to support web services, security?Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___Wicket-user mailing listWicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user Using Tomcat but need to do more? Need to support web services, security?Get stuff done quickly with pre-integrated technology to make your job easierDownload IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___Wicket-user mailing listWicket-user@lists.sourceforge.n
Re: [Wicket-user] SSL
Redirect to a full url or use an ExternalLink (pointing to your own site but then with ssl)Do that redirect with a IRequestTarget.I don't know how you do it now but doing a redirect should always be donethrough request targets. johanOn 7/6/06, Joe Toth <[EMAIL PROTECTED]> wrote: How can I implement a way switch over to https?Depending on how the user navigates I need to swich over to https froma form submit. Every time I try a different way to implement thistransparently I receive "Caused by: wicket.WicketRuntimeException:Already redirecting to '/app/Checkout'. Cannot redirect more thanonce"At first I tried to annotate a class with @RequiredSSL and created anew IResponseStrategy that would test if the request was secure, if not, WebResponse.redirect to the https version of the requested url.Second I tried to do the same in the constructor of my Base Class forall my pages and throw an AbortException, but I had the same problem. Any ideas?Also, are there any plans to add a https feature in 2.0 core or extensions?Thanks!Using Tomcat but need to do more? Need to support web services, security?Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimohttp://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___Wicket-user mailing listWicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ___ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user