Re: R: Not solved! Re: Problem with mixing HTTP and HTTPS
Kevin Menard wrote: What we (or at least I) want is to deal with this at the page class level. The idea would be a page class can either be marked as secure or not and the framework would then take care of rewriting URLs with the appropriate scheme. Such a system would allow for a nice hierarchy of secure pages and likewise would cut down on the human error element by letting the framework do most of the grunt work. This sounds like exactly what I need. I've raised the issue in Jira (http://issues.apache.org/jira/browse/TAPESTRY-991). Thanks! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: R: Not solved! Re: Problem with mixing HTTP and HTTPS
Giampaolo Tomassoni wrote: You may develop a filter to be put on top of the tapestry servlet, I'll check it out. Thanks for your time, I appreciate it! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Not solved! Re: Problem with mixing HTTP and HTTPS
Hello again! After trying out the suggestion to use in web.xml (thanks Giampaolo!) I've figured out that it doesn't exactly solve my problem. The problem is that I need to redirect to HTTPS for login and some other subset of pages, and then after login, redirect back to HTTP. By using I am able to redirect to HTTPS, but there doesn't seem to be a way to revert back to HTTP after the initial excursion. I'm really getting pissed about this (and feeling more and more stupid after each new failed attempt). Especially since the constraint to mix HTTP and HTTPS pages has been forced upon me with the explanation that everybody does it due to bad performance of HTTPS, which I'd give my right arm if we would ever see in this particular application. :-( Any other suggestions? Does anybody use a tapestry-based application in which some pages are behind HTTPS while others are HTTP? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: R: Problem with mixing HTTP and HTTPS
Giampaolo Tomassoni wrote: In your web.xml: ... Thanks! I'll try that. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Problem with mixing HTTP and HTTPS
Hello! A while ago, I posted a question here about making some of the pages accessible only through HTTPS while the rest of the pages through HTTP. In the meantime, I've tried to achieve this by using RedirectException in pageValidate(). However, I'm facing some problems with this approach (such as, getting infinite redirection loops for DirectLinks). Could somebody please give me a hint on what is "the right way" to make some pages accessible only via HTTPS while leaving others to HTTP? Help really appreciated! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [SPAM] Re: Redirecting to HTTPS in pageValidate(), or something?
Shing Hing Man wrote: @InjectObject("service:tapestry.globals.WebRequest") public abstract WebRequest getWebRequest() Thanks, I try that! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Redirecting to HTTPS in pageValidate(), or something?
Hi! Nick Westgate wrote: RequestContext requestContext = event.getRequestCycle().getRequestContext(); I've thought about that, yes, but it seemed like a bit of a hack. Is this the right way to do it in Tapestry 4 (except that instead of calling getRequestContext(), the context should be injected into pages. BTW, how do I do that)? Thanks for answering! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Redirecting to HTTPS in pageValidate(), or something?
Hello! Is there a way to ensure that a page can be accessed only via HTTPS scheme, but relying only on Tapestry mechanisms, i.e. not using Tomcat etc.? Ideally, I would like to redirect an HTTP request in pageValidate() of a page to the same page but via HTTPS. Thanks in advance! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]