(or back but then you really have to know that)
first again through an external link (or youre own link impl like martijn described)
Or have youre own IRequestTarget (wicket 1.2) like:
RedirectToSecurePageTarget(Class pageClass)
And in that you do a bookmarkable redirect to a https url.
or
RedirectToSecurePageTarget(Page page)
And in that you do a Page redirect to a https url.
johan
On 3/22/06, John Patterson <[EMAIL PROTECTED]> wrote:
On Wednesday 22 Mar 2006 08:29, Juergen Donnerstag wrote:
> I think the last time we discussed that topic the conclusion was that
> no immediate action is required as most applications which require
> https tend to have only a very limited number of http pages.
>
This doesn't really sound right to me. Any application that requires users to
be logged in to perform actions must use https on all of the pages involved
so that their session cannot be hijacked. For example, my application has
many 'member' pages where users can write reviews, update their profile etc.
Surely this is a pretty common scenario?
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
Wicket-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/wicket-user
