Hi,
I've followed the Wicket guide's chapter on security in order to implement
authorization. Amongst other bits it advises using the following code in the
AuthenticatedPage :
@Override
protected void onConfigure() {
super.onConfigure();
AuthenticatedWebApplication app =
(AuthenticatedWebApplication)Application.get();
//if user is not signed in, redirect him to sign in page
if(!AuthenticatedWebSession.get().isSignedIn())
app.restartResponseAtSignInPage();
}
The problem is that restartResponseAtSignInPage() binds a new session so I
end up with a session despite redirecting to the stateless login page.
Any ideas?
CN
--
View this message in context:
http://apache-wicket.1842946.n4.nabble.com/Stateless-login-page-with-auth-roles-tp4668706.html
Sent from the Users forum mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
