Hi all,

I am using wicket 1.4.7.
I have problems getting a security certificate into the session object.
Doing it the wicket way would be to do it in the newSession method of
the Application - I think:
    public Session newSession(Request request, Response response) {
        MySession newSession = new MySession(request);
        WebRequest webRequest = (WebRequest) request;
        HttpServletRequest httpRequest = webRequest.getHttpServletRequest();
        Object object =
        X509Certificate[] certificates = (X509Certificate[]) object;
        return newSession;

The problem is that the
httpRequest.getAttribute(X509_CERTIFICATE_ATTRIBUTE); returns null. When
I do the evil not so wicket way later in the logIn-Page after a Click on
a "Cert-SignIn" Button it works fine:
                public void onSubmit() {
                   ServletWebRequest servletWebRequest =
(ServletWebRequest) getRequest();
                   HttpServletRequest request =
                   certificates = (X509Certificate[])

It seems that the first request to the application of a user does
trigger the newSession method, but it is before the user was redirected
to the https-login-page which requests the certificate...Can someone
tell me the proper way to do this or is this even a wicket bug? I think
it should be a common problem to get certificates into your web session?

My webapp runs in a Jetty Server.

Thanks in advance,

To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org

Reply via email to