You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@wicket.apache.org by kugaprakash <kv...@infoblox.com> on 2010/06/02 21:03:31 UTC
Re: Problem with Crypted URL
Can anybody help me with this question?
--
View this message in context: http://apache-wicket.1842946.n4.nabble.com/Problem-with-Crypted-URL-tp1875435p2240647.html
Sent from the Wicket - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: Problem with Crypted URL
Posted by kugaprakash <kv...@infoblox.com>.
Actually I should say, that it is not force re-directing even on using the
recommended approach. It still stays in the same current page.
Am I doing something wrong here? I tried to remove the finally block
{Session.get().invalidate(); } and moved that code to detach(), still no
success.
Please let me know if there is some thing wrong being done here.
Thanks in Advance.
Kuga
--
View this message in context: http://apache-wicket.1842946.n4.nabble.com/Problem-with-Crypted-URL-tp1875435p2243721.html
Sent from the Wicket - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: Problem with Crypted URL
Posted by kugaprakash <kv...@infoblox.com>.
Thanks for the response, I am trying to implement your recommended solution,
however, It goes into the respond method and I did the following
public void respond(RequestCycle requestCycle) {
PageParameters param = new PageParameters();
param.add("error", errorMessage); //$NON-NLS-1$
try {
((WebResponse)requestCycle.getResponse()).getHttpServletResponse().
sendRedirect(requestCycle.urlFor(pageClass, param).toString());
Session.get().invalidate();
} catch (IOException e) {
log.error("Error while redirecting to global error page", e);
//$NON-NLS-1$
}
}
Please let me know if the above is correct.
However, I am seeing the following issue:
1. When the session expires, the session expiry page appears, and when click
on Browser back button, it takes me to previous page, but doesnt complete
rendering, as there are decode exceptions, but this time it does not render
the SessionExpiry page.
2. We also have a Global error page, when the application gets an RunTime
exception, we report it to global error page, I tried to use the same
concept there, but for this case, it does not redirect to the Global error
page, rather, just stays in the current page, as though it has consumed the
click.
Please let me know if you have any thoughts.
Thanks in advance
Kuga
--
View this message in context: http://apache-wicket.1842946.n4.nabble.com/Problem-with-Crypted-URL-tp1875435p2242335.html
Sent from the Wicket - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: Problem with Crypted URL
Posted by Igor Vaynberg <ig...@gmail.com>.
RestartResponseException will render the page. since you invalidate
the session *after* rendering the page (session is invalidated at the
end of the request) that means any stateful urls constructed while
rendering the page will no longer be accessible
what you want to do is someting like this instead of restartresponseexception:
requestcycle.get().setrequesttarget(new irequesttarget() { respond(rc)
{ rc.sendredirect(rc.urlfor(sessionexpirtypage.class)); }
this will force a redirect before rendering the page
-igor
On Wed, Jun 2, 2010 at 2:58 PM, kugaprakash <kv...@infoblox.com> wrote:
>
> Hi,
>
> Thanks much and appreciate your response.
>
> Yes, like I mentioned in the code snippet above, in the
> WebRequestCycleRequestProcesser.respond(), I override this method and
> handle the page expiration exception in the following way:
>
> if(e instanceof PageExpiredException || e instanceof
> HackAttackException){
>
> Session.get().invalidate();
>
> throw new
> RestartResponseException(SessionExpiryPage.class);
>
> }
>
>
>
> Which I believe will result in a bookmarkable page request target.
>
>
>
> Do you mean to say that I should not invalidate the session at above
> line, rather invalidate it in the SessionExpiryPage.onAfterRender()
>
>
>
> If the above is not what it is, can you please let me know with a little
> code sample?
>
> Thanks
>
> Kuga
>
> ________________________________
>
> From: Igor Vaynberg-2 [via Apache Wicket]
> [mailto:ml-node+2240861-1232253215-230809@n4.nabble.com]
> Sent: Wednesday, June 02, 2010 2:30 PM
> To: Kugaprakash Visagamani
> Subject: Re: Problem with Crypted URL
>
>
>
> maybe because you are invalidating the session, which happens after
> the page is rendered. i would instead invalidate the session and
> reditect to a bookmarkable url that points to the sessionexpiry page
>
> -igor
>
> On Wed, Jun 2, 2010 at 12:03 PM, kugaprakash <[hidden email]> wrote:
>
>
>>
>> Can anybody help me with this question?
>> --
>> View this message in context:
> http://apache-wicket.1842946.n4.nabble.com/Problem-with-Crypted-URL-tp18
> 75435p2240647.html
>> Sent from the Wicket - User mailing list archive at Nabble.com.
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [hidden email]
>> For additional commands, e-mail: [hidden email]
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>
>
>
> ________________________________
>
> View message @
> http://apache-wicket.1842946.n4.nabble.com/Problem-with-Crypted-URL-tp18
> 75435p2240861.html
> To unsubscribe from Re: Problem with Crypted URL, click here
> <http://apache-wicket.1842946.n4.nabble.com/subscriptions/Unsubscribe.jt
> p?code=a3Zpc2FnYW1hbmlAaW5mb2Jsb3guY29tfDIyNDA2NDd8NTcwMDE4MzI5> .
>
>
>
>
> --
> View this message in context: http://apache-wicket.1842946.n4.nabble.com/Problem-with-Crypted-URL-tp1875435p2240905.html
> Sent from the Wicket - User mailing list archive at Nabble.com.
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
RE: Problem with Crypted URL
Posted by kugaprakash <kv...@infoblox.com>.
Hi,
Thanks much and appreciate your response.
Yes, like I mentioned in the code snippet above, in the
WebRequestCycleRequestProcesser.respond(), I override this method and
handle the page expiration exception in the following way:
if(e instanceof PageExpiredException || e instanceof
HackAttackException){
Session.get().invalidate();
throw new
RestartResponseException(SessionExpiryPage.class);
}
Which I believe will result in a bookmarkable page request target.
Do you mean to say that I should not invalidate the session at above
line, rather invalidate it in the SessionExpiryPage.onAfterRender()
If the above is not what it is, can you please let me know with a little
code sample?
Thanks
Kuga
________________________________
From: Igor Vaynberg-2 [via Apache Wicket]
[mailto:ml-node+2240861-1232253215-230809@n4.nabble.com]
Sent: Wednesday, June 02, 2010 2:30 PM
To: Kugaprakash Visagamani
Subject: Re: Problem with Crypted URL
maybe because you are invalidating the session, which happens after
the page is rendered. i would instead invalidate the session and
reditect to a bookmarkable url that points to the sessionexpiry page
-igor
On Wed, Jun 2, 2010 at 12:03 PM, kugaprakash <[hidden email]> wrote:
>
> Can anybody help me with this question?
> --
> View this message in context:
http://apache-wicket.1842946.n4.nabble.com/Problem-with-Crypted-URL-tp18
75435p2240647.html
> Sent from the Wicket - User mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]
________________________________
View message @
http://apache-wicket.1842946.n4.nabble.com/Problem-with-Crypted-URL-tp18
75435p2240861.html
To unsubscribe from Re: Problem with Crypted URL, click here
<http://apache-wicket.1842946.n4.nabble.com/subscriptions/Unsubscribe.jt
p?code=a3Zpc2FnYW1hbmlAaW5mb2Jsb3guY29tfDIyNDA2NDd8NTcwMDE4MzI5> .
--
View this message in context: http://apache-wicket.1842946.n4.nabble.com/Problem-with-Crypted-URL-tp1875435p2240905.html
Sent from the Wicket - User mailing list archive at Nabble.com.
Re: Problem with Crypted URL
Posted by Igor Vaynberg <ig...@gmail.com>.
maybe because you are invalidating the session, which happens after
the page is rendered. i would instead invalidate the session and
reditect to a bookmarkable url that points to the sessionexpiry page
-igor
On Wed, Jun 2, 2010 at 12:03 PM, kugaprakash <kv...@infoblox.com> wrote:
>
> Can anybody help me with this question?
> --
> View this message in context: http://apache-wicket.1842946.n4.nabble.com/Problem-with-Crypted-URL-tp1875435p2240647.html
> Sent from the Wicket - User mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> For additional commands, e-mail: users-help@wicket.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org