With WO 5.4.x WOContext has gained a few method to correctly manage
the secure transport.
/**
* Return true if the context is in secure mode.
*
* @return true if in secure mode
* @since 5.4
*/
public boolean secureMode()
/**
* Puts the context in secure mode.
*
* @param value
*/
public void setSecureMode(boolean value)
WOContext should also correctly manage the complete URLs. If the
secure mode is turned on and the request was not made on secure
transport then the URL will be complete.
Cheers
Pierre
--
Pierre Frisch
[EMAIL PROTECTED]
On Mar 27, 2008, at 2:26, Serge Cohen wrote:
Oups ... just realised that I send this mail to the "wrong" (not
totally) mailing list ... It's most likelly not a Wonder issue but
rather a WebObjects 5.4 one...
Someone has the same experience than I when using redirection to
change from http to https ?
Here is the message I've sent yesterday to the Project Wonder list ...
In the application I'm currently working on, I sometimes have to
turn to HTTPS (decision made at runtime) using the following code in
Session.appendToResponse :
public void appendToResponse(WOResponse aResponse, WOContext
aContext) {
// Shall we ask for HTTPS or HTTP (or leave the transport as it is).
boolean tmpRequestIsSecure =
RequestAdditions.isSecure(aContext.request());
super.appendToResponse(aResponse, aContext);
if ((requireSecure && !tmpRequestIsSecure) || (requireNotSecure
&& tmpRequestIsSecure)) {
// We have to redirect towards the same page, but different schema
String schema = (requireSecure) ? "https" : "http";
String redirectToURL = schema + "://" +
RequestAdditions.hostName(aContext.request()) +
aContext.componentActionURL();
aResponse.setStatus(302);
aResponse.setHeader(redirectToURL, "Location");
NSLog.debug.appendln("Switching schema to : " + schema + ".
Redirecting to the URL '" + redirectToURL + "'.");
}
}
Till now I was developing using WebObjects 5.3.? (+ Wonder), and
this was all working nicely. In particular, whatever this redirect
would do the URL generated by WebObjects in the html sources would
be absolute but would NOT contain the schema and host name (in other
words they'd start like '/cgi-bin/WebObjects/Incident.woa/....')
I have just upgraded to Leopard, and hence WebObjects 5.4.1 (+
Wonder).
Now the redirect still works (when enforcing 'https' usage), but
upon such a redirection all the URL generated in the page are now
'complete' URL, that is they contain the schema, the hostname and
then the rest (eg. 'http://foo.local/cgi-bin/WebObjects/Incident.woa/....')
. In particular, when turning to 'https' all the generated URLs are
now EXPLICITLY NON secured http ('http'). Still if there is no-
redirection the generated URLs are the same as before (like the one
generated by WO 5.3, non-complete URL, eg. '/cgi-bin/WebObjects/
Incident.woa/....').
I have tried to check the value of
aContext.doesGenerateCompleteURLs() (which in all cases is FALSE,
which to me means that all generated URL should be absolute path
without schema and hostname).
I realise that the former https bug of WebObjects 5.3 is now fixed
and it might be normal that my code is not working anymore, but I
could not find how I should change my code to conform to the new WO
version?
Any help or hint is very welcome !
Serge.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list ([email protected])
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/webobjects-dev/pierre%40apple.com
This email sent to [EMAIL PROTECTED]
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list ([email protected])
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com
This email sent to [EMAIL PROTECTED]
