Evicting the page store to force Wicket to create a new instance of a page after using the back-button

Thu, 14 Apr 2016 06:36:15 -0700 

Hello,

short version of my question: how do I evict the page store to force Wicket to 
create a new instance after using the
back-button?

Longer version:

A user is redirected after login to my main page. On my main page I have 
several links in onInitialize() which
overwrites isVisible checking the role of the logged-in user, like this:

@AuthorizeInstantiation({MyRole.sAdmin})
public abstract class AbstractSecureBasePage extends AbstractBasePage 
implements ModelDetacher {
[...]
            add(new Link("managementLink") {
                @Override
                public void onClick() {
                    setResponsePage(Management.class);
                }

                @Override
                public boolean isVisible() {
                    return MySession.get().getUser().hasRole(MyRole.ADMIN);
                }
            });
[...]
}

My session:

public class MySession extends AuthenticatedWebSession {
    [...]
    @Override
    public void signOut() {

        user = null;

        final RequestCycle requestCycle = RequestCycle.get();

        if (RequestCycle.get() != null && requestCycle.getRequest() != null
            && 
ServletWebRequest.class.isAssignableFrom(RequestCycle.get().getRequest().getClass()))
 {
            LOGGER.log(Level.FINE, "Invalidating HttpSession-object {0}",
                ((ServletWebRequest) 
RequestCycle.get().getRequest()).getContainerRequest().getSession().getId());
            ((ServletWebRequest) 
RequestCycle.get().getRequest()).getContainerRequest().getSession().invalidate();
        }
        super.signOut();
    }
}

After the log-out the user is redirected back to the login-page. If the user 
now click the browsers back button Wicket
tries to fetch the last page from the page store and checks the links 
visibility which will result in a
NullPointerException due to the fact that getUser() returns null.

I attempted several solutions:

1) Checking in every isVisible() if the user is null. This *does* work but I 
have quite a lot of links and I would like
to go with this solution only if I cannot find any other.

2) Checking at the very beginning of onInitialize() if the user is null. This 
does not work since the components are
coming from the page store and onInitialize() is not called.

3) Overwriting onBeforeRender() of the main page. This does not work since it's 
only called if a component is visible.

4) My next idea was, to empty the page store within my signOut-method.
I tried several things:
       getApplication().getSessionStore().destroy();
       getPageManager().clear();
       getPageManager().destroy();
       getPageManager().commitRequest();
None of them worked.

getPageManager().destroy(); provokes even a NullPointerException within Wicket 
itself (after using the back-button):

java.lang.NullPointerException
     at 
org.apache.wicket.page.PageStoreManager$SessionEntry.getPage(PageStoreManager.java:203)
     at 
org.apache.wicket.page.PageStoreManager$PersistentRequestAdapter.getPage(PageStoreManager.java:357)
     at 
org.apache.wicket.page.AbstractPageManager.getPage(AbstractPageManager.java:82)
     at 
org.apache.wicket.page.PageManagerDecorator.getPage(PageManagerDecorator.java:50)
     at 
org.apache.wicket.page.PageAccessSynchronizer$2.getPage(PageAccessSynchronizer.java:246)
     at 
org.apache.wicket.DefaultMapperContext.getPageInstance(DefaultMapperContext.java:113)
     at 
org.apache.wicket.core.request.handler.PageProvider.getStoredPage(PageProvider.java:299)
     at 
org.apache.wicket.core.request.handler.PageProvider.isNewPageInstance(PageProvider.java:211)
     at 
org.apache.wicket.core.request.mapper.AbstractBookmarkableMapper.processHybrid(AbstractBookmarkableMapper.java:261)
     at 
org.apache.wicket.core.request.mapper.AbstractBookmarkableMapper.mapRequest(AbstractBookmarkableMapper.java:365)
     at 
org.apache.wicket.request.mapper.CompoundRequestMapper.mapRequest(CompoundRequestMapper.java:150)
     at 
org.apache.wicket.request.cycle.RequestCycle.resolveRequestHandler(RequestCycle.java:189)
     at 
org.apache.wicket.request.cycle.RequestCycle.processRequest(RequestCycle.java:219)
     at 
org.apache.wicket.request.cycle.RequestCycle.processRequestAndDetach(RequestCycle.java:293)
     at 
org.apache.wicket.protocol.http.WicketFilter.processRequestCycle(WicketFilter.java:261)
     at 
org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:203)
     at 
org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:284)
[...]

Line 203 of the PageStoreManager looks like:

                        // not found, ask pagestore for the page
                        return getPageStore().getPage(sessionId, id);

I am not sure if here should be a null-check on getPageStore (since I have no 
clue what should be returned if
getPageStore() returns null).

Long story short: is there a more elegant solution to my problem than the first 
solution that I've tried?
I had the hope I could empty the page store and Wicket would be so smart to 
create a new instance of the page if the
page store is empty (which would solve my problem since AuthorizeInstantiation 
would cause Wicket to redirect to the
LoginPage again).


Joachim

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org

Reply via email to