sorry if that sounded confusing, but it's not the expiredpage that
requires authorization, it's the destination of the link that was clicked.
e.g. the user clicks the link to home (which requires authorization) and
instead of getting the expired page they get the login page.
Igor Vaynberg wrote:
make your ExpiredPage not require authorization/authentication
-igor
On Mon, Apr 27, 2009 at 12:32 PM, alec <a...@distancesoftware.com> wrote:
We have a wicket 1.3.5 application and are having trouble redirecting to an
expired page if the user clicks on a link after the session expired. in our
application's init method we have the call
getApplicationSettings().setPageExpiredErrorPage(ExpiredPage.class);
and this works if they click on a normal link after the session has been
expired, but we're also using the AuthorizeInstantiation annotations (from
wicket-auth-roles) on several pages that forces a logged in user to have a
certain role to access the page or be redirected to the login page. Our
problem is that if the session expired then the user gets redirected to the
login page because of an unauthorized instantiation instead of being
redirected to the expired page.
Is there some way to work around this, or is there a way to determine if the
session had expired on the login page so we could display a message there?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
