Re: LogoutPage - Responsible for invalidation and redirection to non-wicket page
Thanks for the followup Eelcobut whats with the behavior i am seeing, i.e. using ExternalLink to link to LogoutPage (mounted as /logout) versus Link.onClick{setResponsePage(new LoginPage()}, where the externallink works fine and the LogoutPage does invalidation and redirection (to external logout page) as i require, whereas the later one does the session-invalidation but instead of taking me to the logout page shows session-expiry page..whats with that...i have the code for my LogoutPage here... http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-to16974119.html#a17054937 Eelco Hillenius wrote: So you are saying re-direction isn't supported in the constructor ? It should be supported. But throwing an abort exception is better, if only because whatever else you're doing in your constructor will be skipped. Eelco - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p17066645.html Sent from the Wicket - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: LogoutPage - Responsible for invalidation and redirection to non-wicket page
Looking for some follow up on this.. 1) Just wondering as to why isnt a constructor a good place to do the redirection to an external url , ? 2) What should be the right place for it, given my use-case.. Would writing a LogoutFilter be a good option.. Thanks in advance.. Johan Compagner wrote: I think this usecase should be supported but isnt the best way, you should throw an AbortException when you want to redirect in the constructor. Dont know from top of my head if we have one just for an url but that is easily made On 4/30/08, mfs [EMAIL PROTECTED] wrote: Guys, I have a LogoutPage which does the following in its constructor LogoutPage() { getSession().invalidate(); // redirecting to the external app logout page RequestCycle.get().setRequestTarget( new RedirectRequestTarget(Host.getHttpsUrl() + xyz.getLogoutURL())); getRequestCycle().setRedirect(true); } Now, for some reasons the redirect to the specified external app page doesnt happen, infact i am taken to the session-expired page (which is because the request comes to wicket app, instead of redirection to this external app) . Let me add that i am using wiket-auth-roles for authorization... Also the reason i am doing this inside the Page itself (and not in the onClick or some other event as suggested in another other thread) is because i need to expose this LogoutPage to an external app as well, which will redirect to this page after invalidating the sessionThis part of Interoperability/SingleSignon Support. Thanks in advance. -- View this message in context: http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p16974119.html Sent from the Wicket - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p17043421.html Sent from the Wicket - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: LogoutPage - Responsible for invalidation and redirection to non-wicket page
Another question (mfs, if you don't mind). I did the invalidate on a link: Link logoutLink = new Link(logoutLink) { private static final long serialVersionUID = 1L; @Override public void onClick() { getSession().invalidateNow(); setResponsePage(com.eurekify.web.Login.class); } }; It works, but I get an IllegalState Exception: 2008-05-04 11:49:06,625 ERROR [org.mortbay.log] - /eurekify/portal/: java.lang.IllegalStateException at org.mortbay.jetty.servlet.AbstractSessionManager$Session.setAttribute(AbstractSessionManager.java:916) at com.eurekify.security.SecurityFilter.doFilterInternal(SecurityFilter.java:41) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:75) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1065) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:365) at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:185) at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181) at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:689) at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:391) at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139) at org.mortbay.jetty.Server.handle(Server.java:285) at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:457) at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:751) at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:500) at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:209) at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:357) at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:329) at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:475) Is there a way to eliminate this? I tried to put a catch surrounding the invalidate, but it's no use. thanks, On Sun, May 4, 2008 at 10:00 AM, mfs [EMAIL PROTECTED] wrote: Looking for some follow up on this.. 1) Just wondering as to why isnt a constructor a good place to do the redirection to an external url , ? 2) What should be the right place for it, given my use-case.. Would writing a LogoutFilter be a good option.. Thanks in advance.. Johan Compagner wrote: I think this usecase should be supported but isnt the best way, you should throw an AbortException when you want to redirect in the constructor. Dont know from top of my head if we have one just for an url but that is easily made On 4/30/08, mfs [EMAIL PROTECTED] wrote: Guys, I have a LogoutPage which does the following in its constructor LogoutPage() { getSession().invalidate(); // redirecting to the external app logout page RequestCycle.get().setRequestTarget( new RedirectRequestTarget(Host.getHttpsUrl() + xyz.getLogoutURL())); getRequestCycle().setRedirect(true); } Now, for some reasons the redirect to the specified external app page doesnt happen, infact i am taken to the session-expired page (which is because the request comes to wicket app, instead of redirection to this external app) . Let me add that i am using wiket-auth-roles for authorization... Also the reason i am doing this inside the Page itself (and not in the onClick or some other event as suggested in another other thread) is because i need to expose this LogoutPage to an external app as well, which will redirect to this page after invalidating the sessionThis part of Interoperability/SingleSignon Support. Thanks in advance. -- View this message in context: http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p16974119.html Sent from the Wicket - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p17043421.html Sent from the Wicket - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Eyal Golan [EMAIL PROTECTED] Visit: http://jvdrums.sourceforge.net/
Re: LogoutPage - Responsible for invalidation and redirection to non-wicket page
In a constructor of another page is just fine, but use an RestartXxxException. Else you have 2 things that wants to be the response, the redirect and the page you are in. On 5/4/08, mfs [EMAIL PROTECTED] wrote: Looking for some follow up on this.. 1) Just wondering as to why isnt a constructor a good place to do the redirection to an external url , ? 2) What should be the right place for it, given my use-case.. Thanks in advance.. Johan Compagner wrote: I think this usecase should be supported but isnt the best way, you should throw an AbortException when you want to redirect in the constructor. Dont know from top of my head if we have one just for an url but that is easily made On 4/30/08, mfs [EMAIL PROTECTED] wrote: Guys, I have a LogoutPage which does the following in its constructor LogoutPage() { getSession().invalidate(); // redirecting to the external app logout page RequestCycle.get().setRequestTarget( new RedirectRequestTarget(Host.getHttpsUrl() + xyz.getLogoutURL())); getRequestCycle().setRedirect(true); } Now, for some reasons the redirect to the specified external app page doesnt happen, infact i am taken to the session-expired page (which is because the request comes to wicket app, instead of redirection to this external app) . Let me add that i am using wiket-auth-roles for authorization... Also the reason i am doing this inside the Page itself (and not in the onClick or some other event as suggested in another other thread) is because i need to expose this LogoutPage to an external app as well, which will redirect to this page after invalidating the sessionThis part of Interoperability/SingleSignon Support. Thanks in advance. -- View this message in context: http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p16974119.html Sent from the Wicket - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p17042343.html Sent from the Wicket - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: LogoutPage - Responsible for invalidation and redirection to non-wicket page
I tried the normal invalidate before and got the same exception. I'm not sure I understood what you said about the constructor in your other reply. My scenario is like this: The user will press the logout link, the session logs out and I redirect to the Login page. I had another solution like this: public void onClick() { PortalSession session = (PortalSession) getSession(); session.setCredentials(null, );//our own method setResponsePage(com.eurekify.web.Login.class); } It worked, but the I could reenter the pages with the back button. After checking invalidate, I found that it's better, but the I saw this exception. On Sun, May 4, 2008 at 12:48 PM, Johan Compagner [EMAIL PROTECTED] wrote: Why do you do invalidateNow? You want a new session for that next response page? It seems jetty does invalidate but doesnt give us a new one in the same request. Or wicket holds on to the http session object but i dont think we do that. On 5/4/08, Eyal Golan [EMAIL PROTECTED] wrote: Another question (mfs, if you don't mind). I did the invalidate on a link: Link logoutLink = new Link(logoutLink) { private static final long serialVersionUID = 1L; @Override public void onClick() { getSession().invalidateNow(); setResponsePage(com.eurekify.web.Login.class); } }; It works, but I get an IllegalState Exception: 2008-05-04 11:49:06,625 ERROR [org.mortbay.log] - /eurekify/portal/: java.lang.IllegalStateException at org.mortbay.jetty.servlet.AbstractSessionManager$Session.setAttribute(AbstractSessionManager.java:916) at com.eurekify.security.SecurityFilter.doFilterInternal(SecurityFilter.java:41) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:75) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1065) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:365) at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:185) at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181) at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:689) at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:391) at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139) at org.mortbay.jetty.Server.handle(Server.java:285) at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:457) at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:751) at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:500) at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:209) at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:357) at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:329) at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:475) Is there a way to eliminate this? I tried to put a catch surrounding the invalidate, but it's no use. thanks, On Sun, May 4, 2008 at 10:00 AM, mfs [EMAIL PROTECTED] wrote: Looking for some follow up on this.. 1) Just wondering as to why isnt a constructor a good place to do the redirection to an external url , ? 2) What should be the right place for it, given my use-case.. Would writing a LogoutFilter be a good option.. Thanks in advance.. Johan Compagner wrote: I think this usecase should be supported but isnt the best way, you should throw an AbortException when you want to redirect in the constructor. Dont know from top of my head if we have one just for an url but that is easily made On 4/30/08, mfs [EMAIL PROTECTED] wrote: Guys, I have a LogoutPage which does the following in its constructor LogoutPage() { getSession().invalidate(); // redirecting to the external app logout page RequestCycle.get().setRequestTarget( new RedirectRequestTarget(Host.getHttpsUrl() + xyz.getLogoutURL())); getRequestCycle().setRedirect(true); } Now, for some reasons the redirect to the specified external app page doesnt happen, infact i am taken to the session-expired page (which is because the request comes to wicket app, instead of redirection to this external app) . Let me add that i am using wiket-auth-roles for authorization... Also the reason i am doing this inside the Page itself (and not in the onClick or some other event as suggested in another
Re: LogoutPage - Responsible for invalidation and redirection to non-wicket page
Why do you do invalidateNow? You want a new session for that next response page? It seems jetty does invalidate but doesnt give us a new one in the same request. Or wicket holds on to the http session object but i dont think we do that. On 5/4/08, Eyal Golan [EMAIL PROTECTED] wrote: Another question (mfs, if you don't mind). I did the invalidate on a link: Link logoutLink = new Link(logoutLink) { private static final long serialVersionUID = 1L; @Override public void onClick() { getSession().invalidateNow(); setResponsePage(com.eurekify.web.Login.class); } }; It works, but I get an IllegalState Exception: 2008-05-04 11:49:06,625 ERROR [org.mortbay.log] - /eurekify/portal/: java.lang.IllegalStateException at org.mortbay.jetty.servlet.AbstractSessionManager$Session.setAttribute(AbstractSessionManager.java:916) at com.eurekify.security.SecurityFilter.doFilterInternal(SecurityFilter.java:41) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:75) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1065) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:365) at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:185) at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181) at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:689) at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:391) at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139) at org.mortbay.jetty.Server.handle(Server.java:285) at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:457) at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:751) at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:500) at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:209) at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:357) at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:329) at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:475) Is there a way to eliminate this? I tried to put a catch surrounding the invalidate, but it's no use. thanks, On Sun, May 4, 2008 at 10:00 AM, mfs [EMAIL PROTECTED] wrote: Looking for some follow up on this.. 1) Just wondering as to why isnt a constructor a good place to do the redirection to an external url , ? 2) What should be the right place for it, given my use-case.. Would writing a LogoutFilter be a good option.. Thanks in advance.. Johan Compagner wrote: I think this usecase should be supported but isnt the best way, you should throw an AbortException when you want to redirect in the constructor. Dont know from top of my head if we have one just for an url but that is easily made On 4/30/08, mfs [EMAIL PROTECTED] wrote: Guys, I have a LogoutPage which does the following in its constructor LogoutPage() { getSession().invalidate(); // redirecting to the external app logout page RequestCycle.get().setRequestTarget( new RedirectRequestTarget(Host.getHttpsUrl() + xyz.getLogoutURL())); getRequestCycle().setRedirect(true); } Now, for some reasons the redirect to the specified external app page doesnt happen, infact i am taken to the session-expired page (which is because the request comes to wicket app, instead of redirection to this external app) . Let me add that i am using wiket-auth-roles for authorization... Also the reason i am doing this inside the Page itself (and not in the onClick or some other event as suggested in another other thread) is because i need to expose this LogoutPage to an external app as well, which will redirect to this page after invalidating the sessionThis part of Interoperability/SingleSignon Support. Thanks in advance. -- View this message in context: http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p16974119.html Sent from the Wicket - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context:
Re: LogoutPage - Responsible for invalidation and redirection to non-wicket page
with using invalidate you shouldnt get that message becacuse then invalidate is being done as last What is the stacktrace then? this should tjust work: getSession().invalidate(); setResponsePage(com.eurekify.web.Login.class); On Sun, May 4, 2008 at 12:02 PM, Eyal Golan [EMAIL PROTECTED] wrote: I tried the normal invalidate before and got the same exception. I'm not sure I understood what you said about the constructor in your other reply. My scenario is like this: The user will press the logout link, the session logs out and I redirect to the Login page. I had another solution like this: public void onClick() { PortalSession session = (PortalSession) getSession(); session.setCredentials(null, );//our own method setResponsePage(com.eurekify.web.Login.class); } It worked, but the I could reenter the pages with the back button. After checking invalidate, I found that it's better, but the I saw this exception. On Sun, May 4, 2008 at 12:48 PM, Johan Compagner [EMAIL PROTECTED] wrote: Why do you do invalidateNow? You want a new session for that next response page? It seems jetty does invalidate but doesnt give us a new one in the same request. Or wicket holds on to the http session object but i dont think we do that. On 5/4/08, Eyal Golan [EMAIL PROTECTED] wrote: Another question (mfs, if you don't mind). I did the invalidate on a link: Link logoutLink = new Link(logoutLink) { private static final long serialVersionUID = 1L; @Override public void onClick() { getSession().invalidateNow(); setResponsePage(com.eurekify.web.Login.class); } }; It works, but I get an IllegalState Exception: 2008-05-04 11:49:06,625 ERROR [org.mortbay.log] - /eurekify/portal/: java.lang.IllegalStateException at org.mortbay.jetty.servlet.AbstractSessionManager$Session.setAttribute(AbstractSessionManager.java:916) at com.eurekify.security.SecurityFilter.doFilterInternal(SecurityFilter.java:41) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:75) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1065) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:365) at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:185) at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181) at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:689) at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:391) at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139) at org.mortbay.jetty.Server.handle(Server.java:285) at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:457) at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:751) at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:500) at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:209) at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:357) at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:329) at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:475) Is there a way to eliminate this? I tried to put a catch surrounding the invalidate, but it's no use. thanks, On Sun, May 4, 2008 at 10:00 AM, mfs [EMAIL PROTECTED] wrote: Looking for some follow up on this.. 1) Just wondering as to why isnt a constructor a good place to do the redirection to an external url , ? 2) What should be the right place for it, given my use-case.. Would writing a LogoutFilter be a good option.. Thanks in advance.. Johan Compagner wrote: I think this usecase should be supported but isnt the best way, you should throw an AbortException when you want to redirect in the constructor. Dont know from top of my head if we have one just for an url but that is easily made On 4/30/08, mfs [EMAIL PROTECTED] wrote: Guys, I have a LogoutPage which does the following in its constructor LogoutPage() { getSession().invalidate(); // redirecting to the external app logout page RequestCycle.get().setRequestTarget( new RedirectRequestTarget(Host.getHttpsUrl() + xyz.getLogoutURL())); getRequestCycle().setRedirect(true); } Now, for some
Re: LogoutPage - Responsible for invalidation and redirection to non-wicket page
I got this stack trace: 2008-05-04 14:55:17,638 ERROR [org.mortbay.log] - /eurekify/portal/: java.lang.IllegalStateException at org.mortbay.jetty.servlet.AbstractSessionManager$Session.setAttribute(AbstractSessionManager.java:916) at com.eurekify.security.SecurityFilter.doFilterInternal(SecurityFilter.java:41) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:75) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1065) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:365) at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:185) at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181) at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:689) at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:391) at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139) at org.mortbay.jetty.Server.handle(Server.java:285) at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:457) at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:751) at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:500) at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:209) at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:357) at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:329) at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:475) And I got it twice. This is my code: logoutLink = new Link(logoutLink) { private static final long serialVersionUID = 1L; @Override public void onClick() { getSession().invalidate(); setResponsePage(com.eurekify.web.Login.class); } }; If I put a breakpoint on the setResponsePage(...) line, I stop on it BEFORE the exception. I'm going to take a look at the Login itself. But this is the situation now ... On Sun, May 4, 2008 at 1:41 PM, Johan Compagner [EMAIL PROTECTED] wrote: with using invalidate you shouldnt get that message becacuse then invalidate is being done as last What is the stacktrace then? this should tjust work: getSession().invalidate(); setResponsePage(com.eurekify.web.Login.class); On Sun, May 4, 2008 at 12:02 PM, Eyal Golan [EMAIL PROTECTED] wrote: I tried the normal invalidate before and got the same exception. I'm not sure I understood what you said about the constructor in your other reply. My scenario is like this: The user will press the logout link, the session logs out and I redirect to the Login page. I had another solution like this: public void onClick() { PortalSession session = (PortalSession) getSession(); session.setCredentials(null, );//our own method setResponsePage(com.eurekify.web.Login.class); } It worked, but the I could reenter the pages with the back button. After checking invalidate, I found that it's better, but the I saw this exception. On Sun, May 4, 2008 at 12:48 PM, Johan Compagner [EMAIL PROTECTED] wrote: Why do you do invalidateNow? You want a new session for that next response page? It seems jetty does invalidate but doesnt give us a new one in the same request. Or wicket holds on to the http session object but i dont think we do that. On 5/4/08, Eyal Golan [EMAIL PROTECTED] wrote: Another question (mfs, if you don't mind). I did the invalidate on a link: Link logoutLink = new Link(logoutLink) { private static final long serialVersionUID = 1L; @Override public void onClick() { getSession().invalidateNow(); setResponsePage(com.eurekify.web.Login.class); } }; It works, but I get an IllegalState Exception: 2008-05-04 11:49:06,625 ERROR [org.mortbay.log] - /eurekify/portal/: java.lang.IllegalStateException at org.mortbay.jetty.servlet.AbstractSessionManager$Session.setAttribute(AbstractSessionManager.java:916) at com.eurekify.security.SecurityFilter.doFilterInternal(SecurityFilter.java:41) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:75) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1065) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:365) at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:185) at
Re: LogoutPage - Responsible for invalidation and redirection to non-wicket page
though my case is a bit different, but just tried out what u are doing and i dont get any exception, whether i do invalidate or invalidateNow().. not sure why u are getting it and how to avoid the same.. Eyal Golan wrote: Another question (mfs, if you don't mind). I did the invalidate on a link: Link logoutLink = new Link(logoutLink) { private static final long serialVersionUID = 1L; @Override public void onClick() { getSession().invalidateNow(); setResponsePage(com.eurekify.web.Login.class); } }; It works, but I get an IllegalState Exception: 2008-05-04 11:49:06,625 ERROR [org.mortbay.log] - /eurekify/portal/: java.lang.IllegalStateException at org.mortbay.jetty.servlet.AbstractSessionManager$Session.setAttribute(AbstractSessionManager.java:916) at com.eurekify.security.SecurityFilter.doFilterInternal(SecurityFilter.java:41) at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:75) at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1065) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:365) at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:185) at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181) at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:689) at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:391) at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114) at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139) at org.mortbay.jetty.Server.handle(Server.java:285) at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:457) at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:751) at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:500) at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:209) at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:357) at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:329) at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:475) Is there a way to eliminate this? I tried to put a catch surrounding the invalidate, but it's no use. thanks, On Sun, May 4, 2008 at 10:00 AM, mfs [EMAIL PROTECTED] wrote: Looking for some follow up on this.. 1) Just wondering as to why isnt a constructor a good place to do the redirection to an external url , ? 2) What should be the right place for it, given my use-case.. Would writing a LogoutFilter be a good option.. Thanks in advance.. Johan Compagner wrote: I think this usecase should be supported but isnt the best way, you should throw an AbortException when you want to redirect in the constructor. Dont know from top of my head if we have one just for an url but that is easily made On 4/30/08, mfs [EMAIL PROTECTED] wrote: Guys, I have a LogoutPage which does the following in its constructor LogoutPage() { getSession().invalidate(); // redirecting to the external app logout page RequestCycle.get().setRequestTarget( new RedirectRequestTarget(Host.getHttpsUrl() + xyz.getLogoutURL())); getRequestCycle().setRedirect(true); } Now, for some reasons the redirect to the specified external app page doesnt happen, infact i am taken to the session-expired page (which is because the request comes to wicket app, instead of redirection to this external app) . Let me add that i am using wiket-auth-roles for authorization... Also the reason i am doing this inside the Page itself (and not in the onClick or some other event as suggested in another other thread) is because i need to expose this LogoutPage to an external app as well, which will redirect to this page after invalidating the sessionThis part of Interoperability/SingleSignon Support. Thanks in advance. -- View this message in context: http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p16974119.html Sent from the Wicket - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p17043421.html Sent from the Wicket - User mailing list
Re: LogoutPage - Responsible for invalidation and redirection to non-wicket page
Also my major problem is that when i do an invalidate() in the constructor (with or without any redirection) i am taken to the session-expiry page..I wonder why is that happening...can you please explain that behavior please ? ..the reason as i explained earlier i had to do the same in the in the LogoutPage Constructor is because i need to expose this page to an external non-wicket app (which on logout) would be redirecting to this page (if a wicket session exists)..so as to invalidate my wicket session app.. Johan Compagner wrote: In a constructor of another page is just fine, but use an RestartXxxException. Else you have 2 things that wants to be the response, the redirect and the page you are in. On 5/4/08, mfs [EMAIL PROTECTED] wrote: Looking for some follow up on this.. 1) Just wondering as to why isnt a constructor a good place to do the redirection to an external url , ? 2) What should be the right place for it, given my use-case.. Thanks in advance.. Johan Compagner wrote: I think this usecase should be supported but isnt the best way, you should throw an AbortException when you want to redirect in the constructor. Dont know from top of my head if we have one just for an url but that is easily made On 4/30/08, mfs [EMAIL PROTECTED] wrote: Guys, I have a LogoutPage which does the following in its constructor LogoutPage() { getSession().invalidate(); // redirecting to the external app logout page RequestCycle.get().setRequestTarget( new RedirectRequestTarget(Host.getHttpsUrl() + xyz.getLogoutURL())); getRequestCycle().setRedirect(true); } Now, for some reasons the redirect to the specified external app page doesnt happen, infact i am taken to the session-expired page (which is because the request comes to wicket app, instead of redirection to this external app) . Let me add that i am using wiket-auth-roles for authorization... Also the reason i am doing this inside the Page itself (and not in the onClick or some other event as suggested in another other thread) is because i need to expose this LogoutPage to an external app as well, which will redirect to this page after invalidating the sessionThis part of Interoperability/SingleSignon Support. Thanks in advance. -- View this message in context: http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p16974119.html Sent from the Wicket - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p17042343.html Sent from the Wicket - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p17050703.html Sent from the Wicket - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: LogoutPage - Responsible for invalidation and redirection to non-wicket page
I think we need a RedirectToExternalException extends AbortRestartResponseException that sets the RedirectRequestTarget to an external page. Isn't too hard to implement I suppose... public class RedirectToExternalException extends AbstractRestartResponseException { private static final long serialVersionUID = 1L; public RedirectToExternalException(String url) { RequestCycle rc = RequestCycle.get(); if (rc == null) { throw new IllegalStateException( This exception can only be thrown from within request processing cycle); } else { Response r = rc.getResponse(); if (!(r instanceof WebResponse)) { throw new IllegalStateException( This exception can only be thrown when wicket is processing an http request); } // abort any further response processing rc.setRequestTarget(new RedirectRequestTarget(url)); } } } Martijn On 5/4/08, mfs [EMAIL PROTECTED] wrote: Also my major problem is that when i do an invalidate() in the constructor (with or without any redirection) i am taken to the session-expiry page..I wonder why is that happening...can you please explain that behavior please ? ..the reason as i explained earlier i had to do the same in the in the LogoutPage Constructor is because i need to expose this page to an external non-wicket app (which on logout) would be redirecting to this page (if a wicket session exists)..so as to invalidate my wicket session app.. Johan Compagner wrote: In a constructor of another page is just fine, but use an RestartXxxException. Else you have 2 things that wants to be the response, the redirect and the page you are in. On 5/4/08, mfs [EMAIL PROTECTED] wrote: Looking for some follow up on this.. 1) Just wondering as to why isnt a constructor a good place to do the redirection to an external url , ? 2) What should be the right place for it, given my use-case.. Thanks in advance.. Johan Compagner wrote: I think this usecase should be supported but isnt the best way, you should throw an AbortException when you want to redirect in the constructor. Dont know from top of my head if we have one just for an url but that is easily made On 4/30/08, mfs [EMAIL PROTECTED] wrote: Guys, I have a LogoutPage which does the following in its constructor LogoutPage() { getSession().invalidate(); // redirecting to the external app logout page RequestCycle.get().setRequestTarget( new RedirectRequestTarget(Host.getHttpsUrl() + xyz.getLogoutURL())); getRequestCycle().setRedirect(true); } Now, for some reasons the redirect to the specified external app page doesnt happen, infact i am taken to the session-expired page (which is because the request comes to wicket app, instead of redirection to this external app) . Let me add that i am using wiket-auth-roles for authorization... Also the reason i am doing this inside the Page itself (and not in the onClick or some other event as suggested in another other thread) is because i need to expose this LogoutPage to an external app as well, which will redirect to this page after invalidating the sessionThis part of Interoperability/SingleSignon Support. Thanks in advance. -- View this message in context: http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p16974119.html Sent from the Wicket - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p17042343.html Sent from the Wicket - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail:
Re: LogoutPage - Responsible for invalidation and redirection to non-wicket page
Thanks for the follow up Martijn, i will look into this... though I just discovered something which i cant comprehend, but before that below is what i do in my logout page.. String identityToken = MySession.get().getIdentityToken(); Cookie cookie = new Cookie(_JSESSIONID,); cookie.setPath(/xyz); ((WebResponse)RequestCycle.get().getResponse()).addCookie(cookie); // invalidating session getSession().invalidate(); RequestCycle.get().setRequestTarget( new RedirectRequestTarget(Host.getHttpsUrl() + utils.getLogoutURL(identityToken))); Now calling the above code on LogoutLink.onClick() { setResponse(new LogoutPage()) } does invoke the page, does the session invalidation, but instead of taking to the external logout url (as in the last line), it takes me to the session-expiry page, BUT if i invoke the above page using lets say ExternalLink(logoutLink,logout) (where the logout page is mounted as /logout) the above code works like a charm and does take me to the external logout page...Can you please explain as to why this is the case... Also, If this works i can avoid creating/throwing the new exception, unless there are any issues u see with it? I certainly dont have a problem using ExternalLink since i already have to expose the logout page to an external app... Please comment.. Martijn Dashorst wrote: I think we need a RedirectToExternalException extends AbortRestartResponseException that sets the RedirectRequestTarget to an external page. Isn't too hard to implement I suppose... public class RedirectToExternalException extends AbstractRestartResponseException { private static final long serialVersionUID = 1L; public RedirectToExternalException(String url) { RequestCycle rc = RequestCycle.get(); if (rc == null) { throw new IllegalStateException( This exception can only be thrown from within request processing cycle); } else { Response r = rc.getResponse(); if (!(r instanceof WebResponse)) { throw new IllegalStateException( This exception can only be thrown when wicket is processing an http request); } // abort any further response processing rc.setRequestTarget(new RedirectRequestTarget(url)); } } } Martijn On 5/4/08, mfs [EMAIL PROTECTED] wrote: Also my major problem is that when i do an invalidate() in the constructor (with or without any redirection) i am taken to the session-expiry page..I wonder why is that happening...can you please explain that behavior please ? ..the reason as i explained earlier i had to do the same in the in the LogoutPage Constructor is because i need to expose this page to an external non-wicket app (which on logout) would be redirecting to this page (if a wicket session exists)..so as to invalidate my wicket session app.. Johan Compagner wrote: In a constructor of another page is just fine, but use an RestartXxxException. Else you have 2 things that wants to be the response, the redirect and the page you are in. On 5/4/08, mfs [EMAIL PROTECTED] wrote: Looking for some follow up on this.. 1) Just wondering as to why isnt a constructor a good place to do the redirection to an external url , ? 2) What should be the right place for it, given my use-case.. Thanks in advance.. Johan Compagner wrote: I think this usecase should be supported but isnt the best way, you should throw an AbortException when you want to redirect in the constructor. Dont know from top of my head if we have one just for an url but that is easily made On 4/30/08, mfs [EMAIL PROTECTED] wrote: Guys, I have a LogoutPage which does the following in its constructor LogoutPage() { getSession().invalidate(); // redirecting to the external app logout page RequestCycle.get().setRequestTarget( new RedirectRequestTarget(Host.getHttpsUrl() + xyz.getLogoutURL())); getRequestCycle().setRedirect(true); } Now, for some reasons the redirect to the specified external app page doesnt happen, infact i am taken to the session-expired page (which is because the request comes to wicket app, instead of redirection to this external app) . Let me add that i am using wiket-auth-roles for authorization... Also the reason i am doing this inside the Page itself (and not in the onClick or some other event as suggested in another other thread) is because i need to expose this LogoutPage
Re: LogoutPage - Responsible for invalidation and redirection to non-wicket page
Looking for some follow up on this.. 1) Just wondering as to why isnt a constructor a good place to do the redirection to an external url , ? 2) What should be the right place for it, given my use-case.. Thanks in advance.. Johan Compagner wrote: I think this usecase should be supported but isnt the best way, you should throw an AbortException when you want to redirect in the constructor. Dont know from top of my head if we have one just for an url but that is easily made On 4/30/08, mfs [EMAIL PROTECTED] wrote: Guys, I have a LogoutPage which does the following in its constructor LogoutPage() { getSession().invalidate(); // redirecting to the external app logout page RequestCycle.get().setRequestTarget( new RedirectRequestTarget(Host.getHttpsUrl() + xyz.getLogoutURL())); getRequestCycle().setRedirect(true); } Now, for some reasons the redirect to the specified external app page doesnt happen, infact i am taken to the session-expired page (which is because the request comes to wicket app, instead of redirection to this external app) . Let me add that i am using wiket-auth-roles for authorization... Also the reason i am doing this inside the Page itself (and not in the onClick or some other event as suggested in another other thread) is because i need to expose this LogoutPage to an external app as well, which will redirect to this page after invalidating the sessionThis part of Interoperability/SingleSignon Support. Thanks in advance. -- View this message in context: http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p16974119.html Sent from the Wicket - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p17042343.html Sent from the Wicket - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: LogoutPage - Responsible for invalidation and redirection to non-wicket page
For now, doing an HttpServletResponse.sendRedirect works, but it just logs this error.. ERROR - WebResponse- Unable to redirect to: ?wicket:interface=:1, HTTP Response has already been committed. There has to be a better alternative.. mfs wrote: So you are saying re-direction isn't supported in the constructor ? I cant think of an alternative, given i had to expose a logout page to the external app for wicket apps session invalidation and soon after invalidation i have to it pass to a non-wicket logout html BTW throwing AbortException gives me the following exception 08/04/29 19:34:31 Logout Page - Invalidating Session 08/04/29 19:34:31 Redirecting to external app - https://xyz/context/dy74o1231123zvb/logout ERROR - RequestCycle - Method onLinkClicked of interface org.apache.wicket.markup.html.link.ILinkListener targeted at component [MarkupContainer [Component id = logoutLink, page = xyz.abc.wicket.app.page.SearchPage, path = 0:logoutLink.SearchPage$1, isVisible = true, isVersioned = true]] threw an exception org.apache.wicket.WicketRuntimeException: Method onLinkClicked of interface org.apache.wicket.markup.html.link.ILinkListener targeted at component [MarkupContainer [Component id = logoutLink, page = xyz.abc.wicket.app.page.SearchPage, path = 0:logoutLink.SearchPage$1, isVisible = true, isVersioned = true]] threw an exception at org.apache.wicket.RequestListenerInterface.invoke(RequestListenerInterface.java:194) at org.apache.wicket.request.target.component.listener.ListenerInterfaceRequestTarget.processEvents(ListenerInterfaceRequestTarget.java:73) at org.apache.wicket.request.AbstractRequestCycleProcessor.processEvents(AbstractRequestCycleProcessor.java:91) at org.apache.wicket.RequestCycle.processEventsAndRespond(RequestCycle.java:1166) at org.apache.wicket.RequestCycle.step(RequestCycle.java:1243) at org.apache.wicket.RequestCycle.steps(RequestCycle.java:1331) at org.apache.wicket.RequestCycle.request(RequestCycle.java:493) at org.apache.wicket.protocol.http.WicketFilter.doGet(WicketFilter.java:363) at org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:194) at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:623) at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:370) at com.evermind.server.http.HttpRequestHandler.handleNotFound(HttpRequestHandler.java:1041) at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:911) at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:453) at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:302) at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:190) at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260) at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303) at java.lang.Thread.run(Thread.java:595) Caused by: java.lang.reflect.InvocationTargetException at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.apache.wicket.RequestListenerInterface.invoke(RequestListenerInterface.java:183) ... 18 more Caused by: org.apache.wicket.AbortException Johan Compagner wrote: I think this usecase should be supported but isnt the best way, you should throw an AbortException when you want to redirect in the constructor. Dont know from top of my head if we have one just for an url but that is easily made On 4/30/08, mfs [EMAIL PROTECTED] wrote: Guys, I have a LogoutPage which does the following in its constructor LogoutPage() { getSession().invalidate(); // redirecting to the external app logout page RequestCycle.get().setRequestTarget( new RedirectRequestTarget(Host.getHttpsUrl() + xyz.getLogoutURL())); getRequestCycle().setRedirect(true); } Now, for some reasons the redirect to the specified external app page doesnt happen, infact i am taken to the session-expired page (which is because the request comes to wicket app, instead of redirection to this external app) . Let me add that i am using wiket-auth-roles for authorization... Also the reason i am doing this inside the Page itself (and not in the onClick or some other event as suggested in another other thread) is because i need to expose this LogoutPage to an external app as well, which will
LogoutPage - Responsible for invalidation and redirection to non-wicket page
Guys, I have a LogoutPage which does the following in its constructor LogoutPage() { getSession().invalidate(); // redirecting to the external app logout page RequestCycle.get().setRequestTarget( new RedirectRequestTarget(Host.getHttpsUrl() + xyz.getLogoutURL())); getRequestCycle().setRedirect(true); } Now, for some reasons the redirect to the specified external app page doesnt happen, infact i am taken to the session-expired page (which is because the request comes to wicket app, instead of redirection to this external app) . Let me add that i am using wiket-auth-roles for authorization... Also the reason i am doing this inside the Page itself (and not in the onClick or some other event as suggested in another other thread) is because i need to expose this LogoutPage to an external app as well, which will redirect to this page after invalidating the sessionThis part of Interoperability/SingleSignon Support. Thanks in advance. -- View this message in context: http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p16974119.html Sent from the Wicket - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: LogoutPage - Responsible for invalidation and redirection to non-wicket page
I think this usecase should be supported but isnt the best way, you should throw an AbortException when you want to redirect in the constructor. Dont know from top of my head if we have one just for an url but that is easily made On 4/30/08, mfs [EMAIL PROTECTED] wrote: Guys, I have a LogoutPage which does the following in its constructor LogoutPage() { getSession().invalidate(); // redirecting to the external app logout page RequestCycle.get().setRequestTarget( new RedirectRequestTarget(Host.getHttpsUrl() + xyz.getLogoutURL())); getRequestCycle().setRedirect(true); } Now, for some reasons the redirect to the specified external app page doesnt happen, infact i am taken to the session-expired page (which is because the request comes to wicket app, instead of redirection to this external app) . Let me add that i am using wiket-auth-roles for authorization... Also the reason i am doing this inside the Page itself (and not in the onClick or some other event as suggested in another other thread) is because i need to expose this LogoutPage to an external app as well, which will redirect to this page after invalidating the sessionThis part of Interoperability/SingleSignon Support. Thanks in advance. -- View this message in context: http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p16974119.html Sent from the Wicket - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: LogoutPage - Responsible for invalidation and redirection to non-wicket page
So you are saying re-direction isn't supported in the constructor ? I cant think of an alternative, given i had to expose a logout page to the external app for wicket apps session invalidation and soon after invalidation i have to it pass to a non-wicket logout html BTW throwing AbortException gives me the following exception 08/04/29 19:34:31 Logout Page - Invalidating Session 08/04/29 19:34:31 Redirecting to external app - https://xyz/context/dy74o1231123zvb/logout ERROR - RequestCycle - Method onLinkClicked of interface org.apache.wicket.markup.html.link.ILinkListener targeted at component [MarkupContainer [Component id = logoutLink, page = xyz.abc.wicket.app.page.SearchPage, path = 0:logoutLink.SearchPage$1, isVisible = true, isVersioned = true]] threw an exception org.apache.wicket.WicketRuntimeException: Method onLinkClicked of interface org.apache.wicket.markup.html.link.ILinkListener targeted at component [MarkupContainer [Component id = logoutLink, page = xyz.abc.wicket.app.page.SearchPage, path = 0:logoutLink.SearchPage$1, isVisible = true, isVersioned = true]] threw an exception at org.apache.wicket.RequestListenerInterface.invoke(RequestListenerInterface.java:194) at org.apache.wicket.request.target.component.listener.ListenerInterfaceRequestTarget.processEvents(ListenerInterfaceRequestTarget.java:73) at org.apache.wicket.request.AbstractRequestCycleProcessor.processEvents(AbstractRequestCycleProcessor.java:91) at org.apache.wicket.RequestCycle.processEventsAndRespond(RequestCycle.java:1166) at org.apache.wicket.RequestCycle.step(RequestCycle.java:1243) at org.apache.wicket.RequestCycle.steps(RequestCycle.java:1331) at org.apache.wicket.RequestCycle.request(RequestCycle.java:493) at org.apache.wicket.protocol.http.WicketFilter.doGet(WicketFilter.java:363) at org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:194) at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:623) at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:370) at com.evermind.server.http.HttpRequestHandler.handleNotFound(HttpRequestHandler.java:1041) at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:911) at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:453) at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:302) at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:190) at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260) at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303) at java.lang.Thread.run(Thread.java:595) Caused by: java.lang.reflect.InvocationTargetException at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.apache.wicket.RequestListenerInterface.invoke(RequestListenerInterface.java:183) ... 18 more Caused by: org.apache.wicket.AbortException Johan Compagner wrote: I think this usecase should be supported but isnt the best way, you should throw an AbortException when you want to redirect in the constructor. Dont know from top of my head if we have one just for an url but that is easily made On 4/30/08, mfs [EMAIL PROTECTED] wrote: Guys, I have a LogoutPage which does the following in its constructor LogoutPage() { getSession().invalidate(); // redirecting to the external app logout page RequestCycle.get().setRequestTarget( new RedirectRequestTarget(Host.getHttpsUrl() + xyz.getLogoutURL())); getRequestCycle().setRedirect(true); } Now, for some reasons the redirect to the specified external app page doesnt happen, infact i am taken to the session-expired page (which is because the request comes to wicket app, instead of redirection to this external app) . Let me add that i am using wiket-auth-roles for authorization... Also the reason i am doing this inside the Page itself (and not in the onClick or some other event as suggested in another other thread) is because i need to expose this LogoutPage to an external app as well, which will redirect to this page after invalidating the sessionThis part of Interoperability/SingleSignon Support. Thanks in advance. -- View this message in context: http://www.nabble.com/LogoutPage---Responsible-for-invalidation-and-redirection-to-non-wicket-page-tp16974119p16974119.html Sent from the Wicket - User mailing list archive at