All we know that. On the other hand it is very practice to solve it in that
way. What tools or framework do you use instead?
On Fri, Jul 23, 2010 at 5:25 PM, Igor Vaynberg <igor.vaynb...@gmail.com>wrote:
> wicket property files are meant for externalizing ui strings, not
> configuration values :)
>
> -igor
>
> On Fri, Jul 23, 2010 at 12:12 PM, Jim Pinkham <pinkh...@gmail.com> wrote:
> > I was just looking around for my dunce cap after noticing this little
> gotcha
> > - and I thought of this forum instead to share my moment of
> > not-so-brilliance:
> >
> > public LoginForm(final String id) {
> > ... other stuff ...
> > add(new FormComponentFeedbackBorder("user.feedback").add(new
> > TextField("user").setRequired(true)));
> > passwordField = new PasswordTextField("password");
> > passwordField.setRequired(true);
> > add(new
> > FormComponentFeedbackBorder("password.feedback").add(passwordField));
> > }
> > protected void onSubmit() {
> > String password=getString("password").trim();
> > if (password.equalsIgnoreCase(getPassword())) {
> > ((AuctionSession)getSession()).setAdmin(true);
> > ((AuctionSession)getSession()).setUserName(getUser());
> > if (!continueToOriginalDestination())
> > setResponsePage(getApplication().getHomePage());
> > } else
> > passwordField.error("invalid user/password");
> > }
> > }
> >
> > Pretty basic, I know. Maybe you have a page like this in your Wicket
> app?
> >
> >
> > The mistake I wanted to share is that I'm using the same name for the
> > "password" wicket:id, and the string property in MyLoginPage.properties,
> > which just has a line that says password=super_secret_whatever.
> (Actually,
> > it's ${profile.password} and I have different maven profiles for
> different
> > versions of the app, but that's another story).
> >
> > Anyway, imagine my suprise when I accidentally left the password blank by
> > mistake - the required error message uses the same property and shows the
> > password to the wide world in the feedback message:
> 'super_secret_whatever'
> > is required. Hah! (Yup, it's been in production for quite a while
> like
> > this...)
> >
> > Just wanted to share that one with y'all - may all your mistakes be
> > entertaining and/or educational...
> > :)
> >
> > -- Jim.
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
> For additional commands, e-mail: users-h...@wicket.apache.org
>
>
--
Fernando Wermus.
www.linkedin.com/in/fernandowermus
