Hi Everyone,

I'm having an issue with HttpsMapper not switching to SSL when there is no JSESSIONID cookie. It's happening with wicket-auth-roles when the user goes to the home page, which need authentication. I have this code in my init method in my WebApplication class.

getSecuritySettings().setAuthorizationStrategy(new IAuthorizationStrategy()
{
   @Override
public <T extends IRequestableComponent> boolean isInstantiationAuthorized(Class<T> componentClass)
   {
      if (AuthenticatedWebPage.class.isAssignableFrom(componentClass))
      {
         if (MyAuthenticatedWebSession.get().isSignedIn())
            return true;

throw new RestartResponseAtInterceptPageException(new LoginPage());
      }

      return true;
   }

   @Override
   public boolean isActionAuthorized(Component component, Action action)
   {
      return true;
   }
});

HomePage implements AuthenticatedWebPage and LoginPage has the @RequireHttps annotation. This only seems to happen when there is no JSESSIONID cookie. The URL looks like this:

http://localhost:7011/documentation/login;jsessionid=1c9nRTpWGWynRXdX1WKC5ZnSfTNKCydGTdHH83mvfXQZQcQ8fLpx!-1875818450?0

when it should be https://localhost:7012/login. If I try it a second time after the cookie has been created it works fine. This is not a problem when I go straight to http://localhost:7011/login (works fine then). Just wondering if anyone else has this problem.

Thanks,
Tim

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org

Reply via email to