[jira] [Commented] (WICKET-6847) async page storing fails with flush before detach without session
[ https://issues.apache.org/jira/browse/WICKET-6847?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17227744#comment-17227744 ] Ernesto Reinaldo Barreiro commented on WICKET-6847: --- [~svenmeier]thanks for your work. This seems to fix problem. Running our full battery of tests now to double check. > async page storing fails with flush before detach without session > - > > Key: WICKET-6847 > URL: https://issues.apache.org/jira/browse/WICKET-6847 > Project: Wicket > Issue Type: Bug > Components: wicket >Affects Versions: 9.1.0 >Reporter: Sven Meier >Assignee: Martin Tzvetanov Grigorov >Priority: Minor > Fix For: 9.2.0 > > > Since WICKET-6831 the response is flushed before detach. > RequestPageStore delays storing all of stateful pages until detach; at that > moment AsynchronousPageStore can no longer acquire the required session id. -- This message was sent by Atlassian Jira (v8.3.4#803005)
buildbot success in on wicket-master-java13
The Buildbot has detected a restored build on builder wicket-master-java13 while building wicket. Full details are available at: https://ci.apache.org/builders/wicket-master-java13/builds/351 Buildbot URL: https://ci.apache.org/ Buildslave for this Build: bb_slave6_ubuntu Build Reason: The SingleBranchScheduler scheduler named 'on-wicket-master-java13-commit' triggered this build Build Source Stamp: [branch master] 53ef2ff71ec2cd67f258ebadab9719affabeebaf Blamelist: Andrea Del Bene Build succeeded! Sincerely, -The Buildbot
[wicket] branch master updated: Added documentation on setting request headers for unit tests.
This is an automated email from the ASF dual-hosted git repository.
adelbene pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/wicket.git
The following commit(s) were added to refs/heads/master by this push:
new 53ef2ff Added documentation on setting request headers for unit tests.
53ef2ff is described below
commit 53ef2ff71ec2cd67f258ebadab9719affabeebaf
Author: Andrea Del Bene
AuthorDate: Fri Nov 6 22:45:41 2020 +0100
Added documentation on setting request headers for unit tests.
---
.../src/main/asciidoc/security/security_5.adoc | 2 ++
.../src/main/asciidoc/testing/testing_1.adoc | 32 ++
2 files changed, 34 insertions(+)
diff --git a/wicket-user-guide/src/main/asciidoc/security/security_5.adoc
b/wicket-user-guide/src/main/asciidoc/security/security_5.adoc
index 9518d5e..5f96e30 100644
--- a/wicket-user-guide/src/main/asciidoc/security/security_5.adoc
+++ b/wicket-user-guide/src/main/asciidoc/security/security_5.adoc
@@ -59,6 +59,8 @@ For example:
_ResourceIsolationRequestCycleListener_ is not an alternative to
_CryptoMapper_! Both of them could be used separately or in tandem to prevent
CSRF attacks depending on the application requirements.
+NOTE: In the next chapter we will cover unit testing with Wicket. If your
application is protected with _ResourceIsolationRequestCycleListener_ you have
to properly set request header _"sec-fetch-site"_ to make you unit tests pass.
In <> you will learn
how to do it.
+
Wicket also provides the deprecated (since version 9.1.0)
_CsrfPreventionRequestCycleListener_ - a _IRequestCycleListener_ that forbids
requests made from a different origin. Similar to the
__ResourceIsolationRequestCycleListener__ by default only actions are
forbidden, i.e. a request coming from different origin cannot execute
_Link.onClick()_ or submit forms (_Form.onSubmit()_). Any request to render
pages are still allowed so Wicket pages could be easily embedded in other
applications.
MyApplication.java
diff --git a/wicket-user-guide/src/main/asciidoc/testing/testing_1.adoc
b/wicket-user-guide/src/main/asciidoc/testing/testing_1.adoc
index 27dadfa..6f8339e 100644
--- a/wicket-user-guide/src/main/asciidoc/testing/testing_1.adoc
+++ b/wicket-user-guide/src/main/asciidoc/testing/testing_1.adoc
@@ -285,3 +285,35 @@ public void tearDown(){
}
+=== Setting request headers
+
+In some cases you might need to set one or more specific request headers to
make your test pass. This holds true when your application is protected against
CSRF attacks as explained in <>.
In this particular case in order to make your tests green you must set header
request _"sec-fetch-site"_ to _same-site_ before clicking on a page link or
before invoking a callback URL:
+
+[source,java]
+
+import static
org.apache.wicket.protocol.http.FetchMetadataResourceIsolationPolicy.SAME_SITE;
+import static
org.apache.wicket.protocol.http.FetchMetadataResourceIsolationPolicy.SEC_FETCH_SITE_HEADER;
+
+public class TestHomePage
+{
+ private WicketTester tester;
+
+ @BeforeEach
+ public void setUp()
+ {
+ tester = new WicketTester(new WicketApplication());
+ }
+
+ @Test
+ public void homepageRendersSuccessfully()
+ {
+ //start and render the test page
+ tester.startPage(HomePage.class);
+
+ tester.addRequestHeader(SEC_FETCH_SITE_HEADER, SAME_SITE);
+ tester.clickLink("click");
+ }
+}
+
+
+NOTE: keep in mind that request headers are immediately discarded after the
use and thus are not re-used for following requests.
\ No newline at end of file
[wicket] branch master updated: Added documentation on setting request headers for unit tests.
This is an automated email from the ASF dual-hosted git repository.
adelbene pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/wicket.git
The following commit(s) were added to refs/heads/master by this push:
new 53ef2ff Added documentation on setting request headers for unit tests.
53ef2ff is described below
commit 53ef2ff71ec2cd67f258ebadab9719affabeebaf
Author: Andrea Del Bene
AuthorDate: Fri Nov 6 22:45:41 2020 +0100
Added documentation on setting request headers for unit tests.
---
.../src/main/asciidoc/security/security_5.adoc | 2 ++
.../src/main/asciidoc/testing/testing_1.adoc | 32 ++
2 files changed, 34 insertions(+)
diff --git a/wicket-user-guide/src/main/asciidoc/security/security_5.adoc
b/wicket-user-guide/src/main/asciidoc/security/security_5.adoc
index 9518d5e..5f96e30 100644
--- a/wicket-user-guide/src/main/asciidoc/security/security_5.adoc
+++ b/wicket-user-guide/src/main/asciidoc/security/security_5.adoc
@@ -59,6 +59,8 @@ For example:
_ResourceIsolationRequestCycleListener_ is not an alternative to
_CryptoMapper_! Both of them could be used separately or in tandem to prevent
CSRF attacks depending on the application requirements.
+NOTE: In the next chapter we will cover unit testing with Wicket. If your
application is protected with _ResourceIsolationRequestCycleListener_ you have
to properly set request header _"sec-fetch-site"_ to make you unit tests pass.
In <> you will learn
how to do it.
+
Wicket also provides the deprecated (since version 9.1.0)
_CsrfPreventionRequestCycleListener_ - a _IRequestCycleListener_ that forbids
requests made from a different origin. Similar to the
__ResourceIsolationRequestCycleListener__ by default only actions are
forbidden, i.e. a request coming from different origin cannot execute
_Link.onClick()_ or submit forms (_Form.onSubmit()_). Any request to render
pages are still allowed so Wicket pages could be easily embedded in other
applications.
MyApplication.java
diff --git a/wicket-user-guide/src/main/asciidoc/testing/testing_1.adoc
b/wicket-user-guide/src/main/asciidoc/testing/testing_1.adoc
index 27dadfa..6f8339e 100644
--- a/wicket-user-guide/src/main/asciidoc/testing/testing_1.adoc
+++ b/wicket-user-guide/src/main/asciidoc/testing/testing_1.adoc
@@ -285,3 +285,35 @@ public void tearDown(){
}
+=== Setting request headers
+
+In some cases you might need to set one or more specific request headers to
make your test pass. This holds true when your application is protected against
CSRF attacks as explained in <>.
In this particular case in order to make your tests green you must set header
request _"sec-fetch-site"_ to _same-site_ before clicking on a page link or
before invoking a callback URL:
+
+[source,java]
+
+import static
org.apache.wicket.protocol.http.FetchMetadataResourceIsolationPolicy.SAME_SITE;
+import static
org.apache.wicket.protocol.http.FetchMetadataResourceIsolationPolicy.SEC_FETCH_SITE_HEADER;
+
+public class TestHomePage
+{
+ private WicketTester tester;
+
+ @BeforeEach
+ public void setUp()
+ {
+ tester = new WicketTester(new WicketApplication());
+ }
+
+ @Test
+ public void homepageRendersSuccessfully()
+ {
+ //start and render the test page
+ tester.startPage(HomePage.class);
+
+ tester.addRequestHeader(SEC_FETCH_SITE_HEADER, SAME_SITE);
+ tester.clickLink("click");
+ }
+}
+
+
+NOTE: keep in mind that request headers are immediately discarded after the
use and thus are not re-used for following requests.
\ No newline at end of file
[wicket] branch master updated: Added documentation on setting request headers for unit tests.
This is an automated email from the ASF dual-hosted git repository.
adelbene pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/wicket.git
The following commit(s) were added to refs/heads/master by this push:
new 53ef2ff Added documentation on setting request headers for unit tests.
53ef2ff is described below
commit 53ef2ff71ec2cd67f258ebadab9719affabeebaf
Author: Andrea Del Bene
AuthorDate: Fri Nov 6 22:45:41 2020 +0100
Added documentation on setting request headers for unit tests.
---
.../src/main/asciidoc/security/security_5.adoc | 2 ++
.../src/main/asciidoc/testing/testing_1.adoc | 32 ++
2 files changed, 34 insertions(+)
diff --git a/wicket-user-guide/src/main/asciidoc/security/security_5.adoc
b/wicket-user-guide/src/main/asciidoc/security/security_5.adoc
index 9518d5e..5f96e30 100644
--- a/wicket-user-guide/src/main/asciidoc/security/security_5.adoc
+++ b/wicket-user-guide/src/main/asciidoc/security/security_5.adoc
@@ -59,6 +59,8 @@ For example:
_ResourceIsolationRequestCycleListener_ is not an alternative to
_CryptoMapper_! Both of them could be used separately or in tandem to prevent
CSRF attacks depending on the application requirements.
+NOTE: In the next chapter we will cover unit testing with Wicket. If your
application is protected with _ResourceIsolationRequestCycleListener_ you have
to properly set request header _"sec-fetch-site"_ to make you unit tests pass.
In <> you will learn
how to do it.
+
Wicket also provides the deprecated (since version 9.1.0)
_CsrfPreventionRequestCycleListener_ - a _IRequestCycleListener_ that forbids
requests made from a different origin. Similar to the
__ResourceIsolationRequestCycleListener__ by default only actions are
forbidden, i.e. a request coming from different origin cannot execute
_Link.onClick()_ or submit forms (_Form.onSubmit()_). Any request to render
pages are still allowed so Wicket pages could be easily embedded in other
applications.
MyApplication.java
diff --git a/wicket-user-guide/src/main/asciidoc/testing/testing_1.adoc
b/wicket-user-guide/src/main/asciidoc/testing/testing_1.adoc
index 27dadfa..6f8339e 100644
--- a/wicket-user-guide/src/main/asciidoc/testing/testing_1.adoc
+++ b/wicket-user-guide/src/main/asciidoc/testing/testing_1.adoc
@@ -285,3 +285,35 @@ public void tearDown(){
}
+=== Setting request headers
+
+In some cases you might need to set one or more specific request headers to
make your test pass. This holds true when your application is protected against
CSRF attacks as explained in <>.
In this particular case in order to make your tests green you must set header
request _"sec-fetch-site"_ to _same-site_ before clicking on a page link or
before invoking a callback URL:
+
+[source,java]
+
+import static
org.apache.wicket.protocol.http.FetchMetadataResourceIsolationPolicy.SAME_SITE;
+import static
org.apache.wicket.protocol.http.FetchMetadataResourceIsolationPolicy.SEC_FETCH_SITE_HEADER;
+
+public class TestHomePage
+{
+ private WicketTester tester;
+
+ @BeforeEach
+ public void setUp()
+ {
+ tester = new WicketTester(new WicketApplication());
+ }
+
+ @Test
+ public void homepageRendersSuccessfully()
+ {
+ //start and render the test page
+ tester.startPage(HomePage.class);
+
+ tester.addRequestHeader(SEC_FETCH_SITE_HEADER, SAME_SITE);
+ tester.clickLink("click");
+ }
+}
+
+
+NOTE: keep in mind that request headers are immediately discarded after the
use and thus are not re-used for following requests.
\ No newline at end of file
[wicket] branch master updated: Added documentation on setting request headers for unit tests.
This is an automated email from the ASF dual-hosted git repository.
adelbene pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/wicket.git
The following commit(s) were added to refs/heads/master by this push:
new 53ef2ff Added documentation on setting request headers for unit tests.
53ef2ff is described below
commit 53ef2ff71ec2cd67f258ebadab9719affabeebaf
Author: Andrea Del Bene
AuthorDate: Fri Nov 6 22:45:41 2020 +0100
Added documentation on setting request headers for unit tests.
---
.../src/main/asciidoc/security/security_5.adoc | 2 ++
.../src/main/asciidoc/testing/testing_1.adoc | 32 ++
2 files changed, 34 insertions(+)
diff --git a/wicket-user-guide/src/main/asciidoc/security/security_5.adoc
b/wicket-user-guide/src/main/asciidoc/security/security_5.adoc
index 9518d5e..5f96e30 100644
--- a/wicket-user-guide/src/main/asciidoc/security/security_5.adoc
+++ b/wicket-user-guide/src/main/asciidoc/security/security_5.adoc
@@ -59,6 +59,8 @@ For example:
_ResourceIsolationRequestCycleListener_ is not an alternative to
_CryptoMapper_! Both of them could be used separately or in tandem to prevent
CSRF attacks depending on the application requirements.
+NOTE: In the next chapter we will cover unit testing with Wicket. If your
application is protected with _ResourceIsolationRequestCycleListener_ you have
to properly set request header _"sec-fetch-site"_ to make you unit tests pass.
In <> you will learn
how to do it.
+
Wicket also provides the deprecated (since version 9.1.0)
_CsrfPreventionRequestCycleListener_ - a _IRequestCycleListener_ that forbids
requests made from a different origin. Similar to the
__ResourceIsolationRequestCycleListener__ by default only actions are
forbidden, i.e. a request coming from different origin cannot execute
_Link.onClick()_ or submit forms (_Form.onSubmit()_). Any request to render
pages are still allowed so Wicket pages could be easily embedded in other
applications.
MyApplication.java
diff --git a/wicket-user-guide/src/main/asciidoc/testing/testing_1.adoc
b/wicket-user-guide/src/main/asciidoc/testing/testing_1.adoc
index 27dadfa..6f8339e 100644
--- a/wicket-user-guide/src/main/asciidoc/testing/testing_1.adoc
+++ b/wicket-user-guide/src/main/asciidoc/testing/testing_1.adoc
@@ -285,3 +285,35 @@ public void tearDown(){
}
+=== Setting request headers
+
+In some cases you might need to set one or more specific request headers to
make your test pass. This holds true when your application is protected against
CSRF attacks as explained in <>.
In this particular case in order to make your tests green you must set header
request _"sec-fetch-site"_ to _same-site_ before clicking on a page link or
before invoking a callback URL:
+
+[source,java]
+
+import static
org.apache.wicket.protocol.http.FetchMetadataResourceIsolationPolicy.SAME_SITE;
+import static
org.apache.wicket.protocol.http.FetchMetadataResourceIsolationPolicy.SEC_FETCH_SITE_HEADER;
+
+public class TestHomePage
+{
+ private WicketTester tester;
+
+ @BeforeEach
+ public void setUp()
+ {
+ tester = new WicketTester(new WicketApplication());
+ }
+
+ @Test
+ public void homepageRendersSuccessfully()
+ {
+ //start and render the test page
+ tester.startPage(HomePage.class);
+
+ tester.addRequestHeader(SEC_FETCH_SITE_HEADER, SAME_SITE);
+ tester.clickLink("click");
+ }
+}
+
+
+NOTE: keep in mind that request headers are immediately discarded after the
use and thus are not re-used for following requests.
\ No newline at end of file
[wicket] branch master updated: Added documentation on setting request headers for unit tests.
This is an automated email from the ASF dual-hosted git repository.
adelbene pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/wicket.git
The following commit(s) were added to refs/heads/master by this push:
new 53ef2ff Added documentation on setting request headers for unit tests.
53ef2ff is described below
commit 53ef2ff71ec2cd67f258ebadab9719affabeebaf
Author: Andrea Del Bene
AuthorDate: Fri Nov 6 22:45:41 2020 +0100
Added documentation on setting request headers for unit tests.
---
.../src/main/asciidoc/security/security_5.adoc | 2 ++
.../src/main/asciidoc/testing/testing_1.adoc | 32 ++
2 files changed, 34 insertions(+)
diff --git a/wicket-user-guide/src/main/asciidoc/security/security_5.adoc
b/wicket-user-guide/src/main/asciidoc/security/security_5.adoc
index 9518d5e..5f96e30 100644
--- a/wicket-user-guide/src/main/asciidoc/security/security_5.adoc
+++ b/wicket-user-guide/src/main/asciidoc/security/security_5.adoc
@@ -59,6 +59,8 @@ For example:
_ResourceIsolationRequestCycleListener_ is not an alternative to
_CryptoMapper_! Both of them could be used separately or in tandem to prevent
CSRF attacks depending on the application requirements.
+NOTE: In the next chapter we will cover unit testing with Wicket. If your
application is protected with _ResourceIsolationRequestCycleListener_ you have
to properly set request header _"sec-fetch-site"_ to make you unit tests pass.
In <> you will learn
how to do it.
+
Wicket also provides the deprecated (since version 9.1.0)
_CsrfPreventionRequestCycleListener_ - a _IRequestCycleListener_ that forbids
requests made from a different origin. Similar to the
__ResourceIsolationRequestCycleListener__ by default only actions are
forbidden, i.e. a request coming from different origin cannot execute
_Link.onClick()_ or submit forms (_Form.onSubmit()_). Any request to render
pages are still allowed so Wicket pages could be easily embedded in other
applications.
MyApplication.java
diff --git a/wicket-user-guide/src/main/asciidoc/testing/testing_1.adoc
b/wicket-user-guide/src/main/asciidoc/testing/testing_1.adoc
index 27dadfa..6f8339e 100644
--- a/wicket-user-guide/src/main/asciidoc/testing/testing_1.adoc
+++ b/wicket-user-guide/src/main/asciidoc/testing/testing_1.adoc
@@ -285,3 +285,35 @@ public void tearDown(){
}
+=== Setting request headers
+
+In some cases you might need to set one or more specific request headers to
make your test pass. This holds true when your application is protected against
CSRF attacks as explained in <>.
In this particular case in order to make your tests green you must set header
request _"sec-fetch-site"_ to _same-site_ before clicking on a page link or
before invoking a callback URL:
+
+[source,java]
+
+import static
org.apache.wicket.protocol.http.FetchMetadataResourceIsolationPolicy.SAME_SITE;
+import static
org.apache.wicket.protocol.http.FetchMetadataResourceIsolationPolicy.SEC_FETCH_SITE_HEADER;
+
+public class TestHomePage
+{
+ private WicketTester tester;
+
+ @BeforeEach
+ public void setUp()
+ {
+ tester = new WicketTester(new WicketApplication());
+ }
+
+ @Test
+ public void homepageRendersSuccessfully()
+ {
+ //start and render the test page
+ tester.startPage(HomePage.class);
+
+ tester.addRequestHeader(SEC_FETCH_SITE_HEADER, SAME_SITE);
+ tester.clickLink("click");
+ }
+}
+
+
+NOTE: keep in mind that request headers are immediately discarded after the
use and thus are not re-used for following requests.
\ No newline at end of file
[jira] [Comment Edited] (WICKET-6847) async page storing fails with flush before detach without session
[ https://issues.apache.org/jira/browse/WICKET-6847?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17227543#comment-17227543 ] Sven Meier edited comment on WICKET-6847 at 11/6/20, 5:45 PM: -- With https://github.com/apache/wicket/commit/15a6cedfb8b855c004b2ece201d9eac063ef770e RequestCycle calls #onEndRequest() from processRequest() instead onDetach(). This allows listeners to do things before flush, which itself is an improvement. Furthermore IPageManager/IPageStore/RequestPageStore can add a sessions cookie as late as possible but *before* flush. was (Author: svenmeier): On branch WICKET-6847-onEndRequest-before-flush RequestCycle now calls #onEndRequest() from processRequest() instead onDetach(). This allows listeners to do things before flush, which itself is an improvement. Furthermore IPageManager/IPageStore/RequestPageStore can add a sessions cookie as late as possible but *before* flush. > async page storing fails with flush before detach without session > - > > Key: WICKET-6847 > URL: https://issues.apache.org/jira/browse/WICKET-6847 > Project: Wicket > Issue Type: Bug > Components: wicket >Affects Versions: 9.1.0 >Reporter: Sven Meier >Assignee: Martin Tzvetanov Grigorov >Priority: Minor > Fix For: 9.2.0 > > > Since WICKET-6831 the response is flushed before detach. > RequestPageStore delays storing all of stateful pages until detach; at that > moment AsynchronousPageStore can no longer acquire the required session id. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (WICKET-6847) async page storing fails with flush before detach without session
[ https://issues.apache.org/jira/browse/WICKET-6847?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17227543#comment-17227543 ] Sven Meier commented on WICKET-6847: On branch WICKET-6847-onEndRequest-before-flush RequestCycle now calls #onEndRequest() from processRequest() instead onDetach(). This allows listeners to do things before flush, which itself is an improvement. Furthermore IPageManager/IPageStore/RequestPageStore can add a sessions cookie as late as possible but *before* flush. > async page storing fails with flush before detach without session > - > > Key: WICKET-6847 > URL: https://issues.apache.org/jira/browse/WICKET-6847 > Project: Wicket > Issue Type: Bug > Components: wicket >Affects Versions: 9.1.0 >Reporter: Sven Meier >Assignee: Martin Tzvetanov Grigorov >Priority: Minor > Fix For: 9.2.0 > > > Since WICKET-6831 the response is flushed before detach. > RequestPageStore delays storing all of stateful pages until detach; at that > moment AsynchronousPageStore can no longer acquire the required session id. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (WICKET-6847) async page storing fails with flush before detach without session
[ https://issues.apache.org/jira/browse/WICKET-6847?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17227539#comment-17227539 ] ASF subversion and git services commented on WICKET-6847: - Commit 15a6cedfb8b855c004b2ece201d9eac063ef770e in wicket's branch refs/heads/WICKET-6847-onEndRequest-before-flush from Sven Meier [ https://gitbox.apache.org/repos/asf?p=wicket.git;h=15a6ced ] WICKET-6847 onEndRequest before flush allows RequestPageStore to check for stateful pages > async page storing fails with flush before detach without session > - > > Key: WICKET-6847 > URL: https://issues.apache.org/jira/browse/WICKET-6847 > Project: Wicket > Issue Type: Bug > Components: wicket >Affects Versions: 9.1.0 >Reporter: Sven Meier >Assignee: Martin Tzvetanov Grigorov >Priority: Minor > Fix For: 9.2.0 > > > Since WICKET-6831 the response is flushed before detach. > RequestPageStore delays storing all of stateful pages until detach; at that > moment AsynchronousPageStore can no longer acquire the required session id. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[wicket] branch WICKET-6847-onEndRequest-before-flush created (now 15a6ced)
This is an automated email from the ASF dual-hosted git repository. svenmeier pushed a change to branch WICKET-6847-onEndRequest-before-flush in repository https://gitbox.apache.org/repos/asf/wicket.git. at 15a6ced WICKET-6847 onEndRequest before flush This branch includes the following new commits: new 15a6ced WICKET-6847 onEndRequest before flush The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[wicket] 01/01: WICKET-6847 onEndRequest before flush
This is an automated email from the ASF dual-hosted git repository.
svenmeier pushed a commit to branch WICKET-6847-onEndRequest-before-flush
in repository https://gitbox.apache.org/repos/asf/wicket.git
commit 15a6cedfb8b855c004b2ece201d9eac063ef770e
Author: Sven Meier
AuthorDate: Fri Nov 6 18:36:16 2020 +0100
WICKET-6847 onEndRequest before flush
allows RequestPageStore to check for stateful pages
---
pom.xml | 12
.../src/main/java/org/apache/wicket/Application.java | 6 ++
.../java/org/apache/wicket/page/IPageManager.java| 6 ++
.../java/org/apache/wicket/page/PageManager.java | 6 ++
.../apache/wicket/pageStore/DelegatingPageStore.java | 6 ++
.../java/org/apache/wicket/pageStore/IPageStore.java | 9 +
.../apache/wicket/pageStore/RequestPageStore.java| 19 ++-
.../apache/wicket/request/cycle/RequestCycle.java| 20 ++--
8 files changed, 69 insertions(+), 15 deletions(-)
diff --git a/pom.xml b/pom.xml
index 0c7cfd5..4e0c912 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1133,6 +1133,18 @@
9.0.0
true
true
+
+
+
7012
+
org/apache/wicket/page/IPageManager
+ void
end()
+
+
+
7012
+
org/apache/wicket/pageStore/IPageStore
+ void
end(org.apache.wicket.pageStore.IPageContext)
+
+
diff --git a/wicket-core/src/main/java/org/apache/wicket/Application.java
b/wicket-core/src/main/java/org/apache/wicket/Application.java
index 78fd57f..fa4ce29 100644
--- a/wicket-core/src/main/java/org/apache/wicket/Application.java
+++ b/wicket-core/src/main/java/org/apache/wicket/Application.java
@@ -1567,6 +1567,12 @@ public abstract class Application implements
UnboundListener, IEventSink, IMetad
requestCycle.getListeners().add(new IRequestCycleListener()
{
@Override
+ public void onEndRequest(RequestCycle cycle)
+ {
+ internalGetPageManager().end();
+ }
+
+ @Override
public void onDetach(final RequestCycle requestCycle)
{
internalGetPageManager().detach();
diff --git a/wicket-core/src/main/java/org/apache/wicket/page/IPageManager.java
b/wicket-core/src/main/java/org/apache/wicket/page/IPageManager.java
index c675cd9..ef6094a 100644
--- a/wicket-core/src/main/java/org/apache/wicket/page/IPageManager.java
+++ b/wicket-core/src/main/java/org/apache/wicket/page/IPageManager.java
@@ -73,6 +73,12 @@ public interface IPageManager
void clear();
/**
+* End the request.
+*/
+ default void end() {
+ }
+
+ /**
* Detach at end of request.
*/
void detach();
diff --git a/wicket-core/src/main/java/org/apache/wicket/page/PageManager.java
b/wicket-core/src/main/java/org/apache/wicket/page/PageManager.java
index 642b3c1..02bf13c 100644
--- a/wicket-core/src/main/java/org/apache/wicket/page/PageManager.java
+++ b/wicket-core/src/main/java/org/apache/wicket/page/PageManager.java
@@ -80,6 +80,12 @@ public class PageManager implements IPageManager
}
@Override
+ public void end()
+ {
+ store.end(createPageContext());
+ }
+
+ @Override
public void detach()
{
store.detach(createPageContext());
diff --git
a/wicket-core/src/main/java/org/apache/wicket/pageStore/DelegatingPageStore.java
b/wicket-core/src/main/java/org/apache/wicket/pageStore/DelegatingPageStore.java
index 5ec3a79..3402b2c 100644
---
a/wicket-core/src/main/java/org/apache/wicket/pageStore/DelegatingPageStore.java
+++
b/wicket-core/src/main/java/org/apache/wicket/pageStore/DelegatingPageStore.java
@@ -76,6 +76,12 @@ public abstract class DelegatingPageStore implements
IPageStore
}
@Override
+ public void
[jira] [Comment Edited] (WICKET-6847) async page storing fails with flush before detach without session
[ https://issues.apache.org/jira/browse/WICKET-6847?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17227396#comment-17227396 ] Ernesto Reinaldo Barreiro edited comment on WICKET-6847 at 11/6/20, 1:19 PM: - Ok. Situation arises in our case because we have a stateFul page unit test logs out and there is no longer a session... Still debugging was (Author: reiern70): Ok. Situation arises in our case because we have a stateFul page unit test logs and there is no longer a session to store page... Still debugging > async page storing fails with flush before detach without session > - > > Key: WICKET-6847 > URL: https://issues.apache.org/jira/browse/WICKET-6847 > Project: Wicket > Issue Type: Bug > Components: wicket >Affects Versions: 9.1.0 >Reporter: Sven Meier >Assignee: Martin Tzvetanov Grigorov >Priority: Minor > Fix For: 9.2.0 > > > Since WICKET-6831 the response is flushed before detach. > RequestPageStore delays storing all of stateful pages until detach; at that > moment AsynchronousPageStore can no longer acquire the required session id. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (WICKET-6847) async page storing fails with flush before detach without session
[ https://issues.apache.org/jira/browse/WICKET-6847?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17227396#comment-17227396 ] Ernesto Reinaldo Barreiro commented on WICKET-6847: --- Ok. Situation arises in our case because we have a stateFul page unit test logs and there is no longer a session to store page... Still debugging > async page storing fails with flush before detach without session > - > > Key: WICKET-6847 > URL: https://issues.apache.org/jira/browse/WICKET-6847 > Project: Wicket > Issue Type: Bug > Components: wicket >Affects Versions: 9.1.0 >Reporter: Sven Meier >Assignee: Martin Tzvetanov Grigorov >Priority: Minor > Fix For: 9.2.0 > > > Since WICKET-6831 the response is flushed before detach. > RequestPageStore delays storing all of stateful pages until detach; at that > moment AsynchronousPageStore can no longer acquire the required session id. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (WICKET-6847) async page storing fails with flush before detach without session
[
https://issues.apache.org/jira/browse/WICKET-6847?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17227394#comment-17227394
]
Martin Tzvetanov Grigorov commented on WICKET-6847:
---
{code:java}
isPageStateless and now RequestPageStore.addPage calls Page.isPageStateless
again. IMHO this is bound to give problems. {code}
Why ?
The new code just binds an HttpSession if the page is already known to be
stateful.
If it becomes stateful at a later point in time then the new code does nothing
harmful.
I guess we need to add a new step before committing the request:
* check whether there are stateful pages to be stored and bind HttpSession if
needed
* commit request
* detach the page
If this works then my previous change could be removed as obsolete.
In any case it would be nice to have a test case demonstrating the current
issue to protect us from further regressions.
> async page storing fails with flush before detach without session
> -
>
> Key: WICKET-6847
> URL: https://issues.apache.org/jira/browse/WICKET-6847
> Project: Wicket
> Issue Type: Bug
> Components: wicket
>Affects Versions: 9.1.0
>Reporter: Sven Meier
>Assignee: Martin Tzvetanov Grigorov
>Priority: Minor
> Fix For: 9.2.0
>
>
> Since WICKET-6831 the response is flushed before detach.
> RequestPageStore delays storing all of stateful pages until detach; at that
> moment AsynchronousPageStore can no longer acquire the required session id.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (WICKET-6847) async page storing fails with flush before detach without session
[
https://issues.apache.org/jira/browse/WICKET-6847?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17227385#comment-17227385
]
Emond Papegaaij commented on WICKET-6847:
-
Yes, but in this case it simply calls {{super.touchPage}}, so it does not make
a difference for the flow.
> async page storing fails with flush before detach without session
> -
>
> Key: WICKET-6847
> URL: https://issues.apache.org/jira/browse/WICKET-6847
> Project: Wicket
> Issue Type: Bug
> Components: wicket
>Affects Versions: 9.1.0
>Reporter: Sven Meier
>Assignee: Martin Tzvetanov Grigorov
>Priority: Minor
> Fix For: 9.2.0
>
>
> Since WICKET-6831 the response is flushed before detach.
> RequestPageStore delays storing all of stateful pages until detach; at that
> moment AsynchronousPageStore can no longer acquire the required session id.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (WICKET-6847) async page storing fails with flush before detach without session
[ https://issues.apache.org/jira/browse/WICKET-6847?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17227380#comment-17227380 ] Ernesto Reinaldo Barreiro commented on WICKET-6847: --- DecoratablePageManager is your own class? I can't find it in wicket codebase > async page storing fails with flush before detach without session > - > > Key: WICKET-6847 > URL: https://issues.apache.org/jira/browse/WICKET-6847 > Project: Wicket > Issue Type: Bug > Components: wicket >Affects Versions: 9.1.0 >Reporter: Sven Meier >Assignee: Martin Tzvetanov Grigorov >Priority: Minor > Fix For: 9.2.0 > > > Since WICKET-6831 the response is flushed before detach. > RequestPageStore delays storing all of stateful pages until detach; at that > moment AsynchronousPageStore can no longer acquire the required session id. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (WICKET-6847) async page storing fails with flush before detach without session
[
https://issues.apache.org/jira/browse/WICKET-6847?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17227336#comment-17227336
]
Emond Papegaaij commented on WICKET-6847:
-
I'm looking at the change by [~mgrigorov] once more and I think it is
incorrect. {{RequestPageStore.addPage}} is called from {{Page.onInitialize}},
which can be called from {{Page.isPageStateless}} and now
{{RequestPageStore.addPage}} calls {{Page.isPageStateless}} again. IMHO this is
bound to give problems. Here's a stack dump from our application (on 9.1.0):
{code}
RequestPageStore.addPage(IPageContext, IManageablePage) line: 62
DecoratablePageManager(PageManager).touchPage(IManageablePage) line: 67
DecoratablePageManager.touchPage(IManageablePage) line: 22
PageAccessSynchronizer$1.touchPage(IManageablePage) line: 150
ConfigApplicationPage(Page).onInitialize() line: 301
ConfigApplicationPage(AbstractKeyHubPage).onInitialize() line: 64
ConfigApplicationPage(AbstractSecureKeyHubPage).onInitialize() line: 84
ConfigApplicationPage(AbstractKeyHubAdminPage).onInitialize() line: 57
ConfigApplicationPage.onInitialize() line: 25
ConfigApplicationPage(Component).fireInitialize() line: 874
ConfigApplicationPage(MarkupContainer).internalInitialize() line: 1050
ConfigApplicationPage(Page).isPageStateless() line: 461
{code}
> async page storing fails with flush before detach without session
> -
>
> Key: WICKET-6847
> URL: https://issues.apache.org/jira/browse/WICKET-6847
> Project: Wicket
> Issue Type: Bug
> Components: wicket
>Affects Versions: 9.1.0
>Reporter: Sven Meier
>Assignee: Martin Tzvetanov Grigorov
>Priority: Minor
> Fix For: 9.2.0
>
>
> Since WICKET-6831 the response is flushed before detach.
> RequestPageStore delays storing all of stateful pages until detach; at that
> moment AsynchronousPageStore can no longer acquire the required session id.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (WICKET-6847) async page storing fails with flush before detach without session
[ https://issues.apache.org/jira/browse/WICKET-6847?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17227331#comment-17227331 ] Ernesto Reinaldo Barreiro commented on WICKET-6847: --- [~papegaaij] Trying to check. > async page storing fails with flush before detach without session > - > > Key: WICKET-6847 > URL: https://issues.apache.org/jira/browse/WICKET-6847 > Project: Wicket > Issue Type: Bug > Components: wicket >Affects Versions: 9.1.0 >Reporter: Sven Meier >Assignee: Martin Tzvetanov Grigorov >Priority: Minor > Fix For: 9.2.0 > > > Since WICKET-6831 the response is flushed before detach. > RequestPageStore delays storing all of stateful pages until detach; at that > moment AsynchronousPageStore can no longer acquire the required session id. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (WICKET-6847) async page storing fails with flush before detach without session
[
https://issues.apache.org/jira/browse/WICKET-6847?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17227324#comment-17227324
]
Emond Papegaaij commented on WICKET-6847:
-
I think I know the cause of the problem. The check [~mgrigorov] added in
https://github.com/apache/wicket/commit/8664176abcc6393c54b29d058c655d440500bc8d
is done at a moment when we cannot always know if the page is stateless or
not. One of the locations it is called from is {{onInitialize}}, at which point
the page very likely does not hold any components yet. On thing I do find
strange though, is that I consistently get a second call from
{{onAfterRender}}, at which point the session is also created. [~reiern70]
could it be that you are instantiating pages without actually rendering them?
> async page storing fails with flush before detach without session
> -
>
> Key: WICKET-6847
> URL: https://issues.apache.org/jira/browse/WICKET-6847
> Project: Wicket
> Issue Type: Bug
> Components: wicket
>Affects Versions: 9.1.0
>Reporter: Sven Meier
>Assignee: Martin Tzvetanov Grigorov
>Priority: Minor
> Fix For: 9.2.0
>
>
> Since WICKET-6831 the response is flushed before detach.
> RequestPageStore delays storing all of stateful pages until detach; at that
> moment AsynchronousPageStore can no longer acquire the required session id.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
[jira] [Commented] (WICKET-6847) async page storing fails with flush before detach without session
[ https://issues.apache.org/jira/browse/WICKET-6847?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17227284#comment-17227284 ] Ernesto Reinaldo Barreiro commented on WICKET-6847: --- Sorry. We had other top priorities at work :-( I still get this error on our logs with latest master. > async page storing fails with flush before detach without session > - > > Key: WICKET-6847 > URL: https://issues.apache.org/jira/browse/WICKET-6847 > Project: Wicket > Issue Type: Bug > Components: wicket >Affects Versions: 9.1.0 >Reporter: Sven Meier >Assignee: Martin Tzvetanov Grigorov >Priority: Minor > Fix For: 9.2.0 > > > Since WICKET-6831 the response is flushed before detach. > RequestPageStore delays storing all of stateful pages until detach; at that > moment AsynchronousPageStore can no longer acquire the required session id. -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (WICKET-6847) async page storing fails with flush before detach without session
[ https://issues.apache.org/jira/browse/WICKET-6847?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17227283#comment-17227283 ] Ernesto Reinaldo Barreiro commented on WICKET-6847: --- java.lang.IllegalStateException: Cannot create a session after the response has been committed at org.apache.catalina.connector.Request.doGetSession(Request.java:3038) at org.apache.catalina.connector.Request.getSession(Request.java:2456) at org.apache.catalina.connector.RequestFacade.getSession(RequestFacade.java:896) at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:231) at org.apache.shiro.web.servlet.ShiroHttpServletRequest.getSession(ShiroHttpServletRequest.java:148) at org.apache.wicket.session.HttpSessionStore.getHttpSession(HttpSessionStore.java:85) at org.apache.wicket.session.HttpSessionStore.getSessionId(HttpSessionStore.java:146) at org.apache.wicket.Session.bind(Session.java:276) at org.apache.wicket.pageStore.DefaultPageContext.getSessionId(DefaultPageContext.java:44) at org.apache.wicket.pageStore.AsynchronousPageStore$PendingAdd.(AsynchronousPageStore.java:150) at org.apache.wicket.pageStore.AsynchronousPageStore.addPage(AsynchronousPageStore.java:368) at org.apache.wicket.pageStore.SerializingPageStore.addPage(SerializingPageStore.java:82) at org.apache.wicket.pageStore.CachingPageStore.addPage(CachingPageStore.java:73) at org.apache.wicket.pageStore.RequestPageStore.detach(RequestPageStore.java:108) at org.apache.wicket.page.PageManager.detach(PageManager.java:85) at org.apache.wicket.Application$2.onDetach(Application.java:1572) at org.apache.wicket.request.cycle.RequestCycleListenerCollection$3.notify(RequestCycleListenerCollection.java:105) at org.apache.wicket.request.cycle.RequestCycleListenerCollection$3.notify(RequestCycleListenerCollection.java:101) at org.apache.wicket.util.listener.ListenerCollection$1.notify(ListenerCollection.java:120) at org.apache.wicket.util.listener.ListenerCollection.reversedNotify(ListenerCollection.java:144) at org.apache.wicket.util.listener.ListenerCollection.reversedNotifyIgnoringExceptions(ListenerCollection.java:113) at org.apache.wicket.request.cycle.RequestCycleListenerCollection.onDetach(RequestCycleListenerCollection.java:100) at org.apache.wicket.request.cycle.RequestCycle.onDetach(RequestCycle.java:669) at org.apache.wicket.request.cycle.RequestCycle.detach(RequestCycle.java:614) at org.apache.wicket.protocol.http.WicketFilter.processRequestCycle(WicketFilter.java:284) at org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:207) at org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:306) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.partners.ckms.server.TransactionFilter$1.run(TransactionFilter.java:95) at org.partners.ckms.CkmsManager$32.call(CkmsManager.java:3361) at org.partners.ckms.CkmsManager$32.call(CkmsManager.java:3358) at org.partners.ckms.CkmsManager.executeInTransaction(CkmsManager.java:3381) at org.partners.ckms.CkmsManager.executeInTransaction(CkmsManager.java:3356) at org.partners.ckms.server.TransactionFilter.doFilter(TransactionFilter.java:91) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61) at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108) at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137) at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108) at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137) at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:125) at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66) at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:449) at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:365) at
[jira] [Commented] (WICKET-6847) async page storing fails with flush before detach without session
[ https://issues.apache.org/jira/browse/WICKET-6847?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17227276#comment-17227276 ] Andrea Del Bene commented on WICKET-6847: - [~reiern70] Ping :D > async page storing fails with flush before detach without session > - > > Key: WICKET-6847 > URL: https://issues.apache.org/jira/browse/WICKET-6847 > Project: Wicket > Issue Type: Bug > Components: wicket >Affects Versions: 9.1.0 >Reporter: Sven Meier >Assignee: Martin Tzvetanov Grigorov >Priority: Minor > Fix For: 9.2.0 > > > Since WICKET-6831 the response is flushed before detach. > RequestPageStore delays storing all of stateful pages until detach; at that > moment AsynchronousPageStore can no longer acquire the required session id. -- This message was sent by Atlassian Jira (v8.3.4#803005)
