>Then this is a bug. https://issues.apache.org/jira/browse/WICKET-4500
Complete with quickstart. Regards, Chris > >On Mon, Apr 16, 2012 at 1:18 PM, Chris Colman ><chr...@stepaheadsoftware.com> wrote: >> BTW that clear never gets called in the simple process of the Admin user >> going to admin page redirected and then 'continued' after >> authentication. I have not attempted to do anything with the standard >> user at this point so the clear not getting called seems to be a problem >> in a single user scenario. >> >>>-----Original Message----- >>>From: Martin Grigorov [mailto:mgrigo...@apache.org] >>>Sent: Monday, 16 April 2012 7:02 PM >>>To: users@wicket.apache.org >>>Subject: Re: ContinueToOriginalDestination does not clear destination >> after >>>continue >>> >>>Hi Chris, >>> >>>Check the code >>>at >>>org.apache.wicket.RestartResponseAtInterceptPageException#continueToOri >> gina >>>lDestination() >>>This method indeed returns 'true' without cleaning the stored data but >>>later when the redirect is processed the data is cleaned - see >>>MAPPER#mapRequest(Request) method few lines below. >>> >>>Additionally this data is stored as meta data in the Session object, so >>>changing users implies invalidation of the old (Admin) session and >> creation >>>of a new (normal user) session. Do you degrade the Admin user to a user >>>with less permissions without a real logout ? >>> >>>On Mon, Apr 16, 2012 at 11:53 AM, Chris Colman >>><chr...@stepaheadsoftware.com >>>> wrote: >>> >>>> ** ** >>>> >>>> We have a scenario where single person can log in under different >>>accounts >>>> on the same website. Different user types will typically go to >> different >>>> page types.**** >>>> >>>> ** ** >>>> >>>> A single person using different accounts is not normally required but >> we >>>> are demonstrating to corporate clients how the system will be used by >>>> different user types. In the demonstration we need to log in as an >>>'admin' >>>> user to demo the admin aspects and then we need to log in as a >> 'standard' >>>> user to demonstrate the aspects that will apply to a standard >> user.**** >>>> >>>> ** ** >>>> >>>> The admin page uses RedirectToInterceptException to authentication >> page >>>> if no one is logged in.**** >>>> >>>> ** ** >>>> >>>> The standard page uses the home page to authenticate and throws new >>>> RestartResponseException(new AuthenticatePage(parameters)) if no one >> is >>>> authenticated (i.e. no intercept)**** >>>> >>>> ** ** >>>> >>>> After authentication we either continue or go to the 'default' page >> for a >>>> standard user.**** >>>> >>>> ** ** >>>> >>>> Code looks like this:**** >>>> >>>> ** ** >>>> >>>> If ( authenicationSucceeded )**** >>>> >>>> {**** >>>> >>>> if ( >> !continueToOriginalDestination() >>>> )**** >>>> >>>> {**** >>>> >>>> // Was not redirected >> to >>>> this authentication page so go to default destination for the home >>>page*** >>>> * >>>> >>>> // Find default page >> for >>>> standard users and go to that page**** >>>> >>>> }**** >>>> >>>> }**** >>>> >>>> ** ** >>>> >>>> What we find is that after an admin log on (with intercept/continue >>>> sequence) a subsequent standard user log on will not execute the >> above >>>body >>>> because continueToOriginalDestination returns 'true' even though this >>>> page was not an intercept page. **** >>>> >>>> ** ** >>>> >>>> It looks like after an intercept/continue has occurred it does not >> clear >>>> the 'original destination' attribute and so a subsequent call to >>>> continueToOriginalDestination will return true when it should really >>>> return false.**** >>>> >>>> ** ** >>>> >>>> Is the attribute that stores 'original destination' cleared after >>>> continueToOriginalDestination? Should it be?**** >>>> >>>> ** ** >>>> >>>> ** ** >>>> >>>> Yours sincerely,**** >>>> >>>> ** ** >>>> >>>> Chris Colman**** >>>> >>>> **** >>>> >>>> Pagebloom Team Leader,**** >>>> >>>> Step Ahead Software >>>> >>>> **** >>>> >>>> pagebloom - your business & your website growing together**** >>>> >>>> ** ** >>>> >>>> **Sydney**: (+61 2) 9656 1278 ****Canberra****: (+61 2) 6100 2120 >>>> **** >>>> >>>> Email: chr...@stepahead.com.au <//chr...@stepahead.com.au>**** >>>> >>>> Website:**** >>>> >>>> http://www.pagebloom.com**** >>>> >>>> http://develop.stepaheadsoftware.com**** >>>> >>>> **** >>>> >>>> ** ** >>>> >>> >>> >>> >>>-- >>>Martin Grigorov >>>jWeekend >>>Training, Consulting, Development >>>http://jWeekend.com <http://jweekend.com/> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org >> For additional commands, e-mail: users-h...@wicket.apache.org >> > > > >-- >Martin Grigorov >jWeekend >Training, Consulting, Development >http://jWeekend.com > >--------------------------------------------------------------------- >To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org >For additional commands, e-mail: users-h...@wicket.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
