Subclassing RequestCycle would give me control on begin/end of the request, i wouldnt still have access to the Wicket Session...right..i am not sure if a wicket session is initiated at that time?
If not, a plain servlet filter also gives me control in the beginning of the request, except for the fact that i have am playing with HttpRequest,response, where as wicket requestcycle gives me an abstracted view of these classes, other than i am just wondering as to what i would be able to achieve... I can still do all the authentication stuff (check for authtoken/cookie) in a normal filter too..isnt it?..unless am missing something.. Farhan. Alex Jacoby-2 wrote: > > Would subclassing your wicket RequestCycle work? That's where I'm > doing similar authentication stuff right now and it seems to be > working well. It seems like Session is harder to integrate with > external apps since actions can happen that it's unaware of. If you > use RequestCycle you can check cookies, tokens, etc, on each request, > which is really where you want to do it since you have no idea if the > user did something (like logout) in the external app. > > Alex > > On Apr 15, 2008, at 1:22 PM, mfs wrote: >> >> Yeah i need to..i.e. the very authentication token so that for >> subsequent >> request i cant avoid the authentication call.. >> >> Well i can opt for HttpSession but then i will be using the same >> wherever in >> my pages i need it (there are a couple of scenarios where i need to >> pass the >> info back), and hence compromising the abstraction wicket provides.. >> >> >> Johan Compagner wrote: >>> >>> if there is no session >>> do you already want to store something? >>> >>> On Tue, Apr 15, 2008 at 3:10 AM, mfs <[EMAIL PROTECTED]> wrote: >>> >>>> >>>> Guys, >>>> >>>> Please comment.. >>>> >>>> I have a non-wicket AuthenticationFilter which is intercepting all >>>> request >>>> to my wicket-app and checking if the request is coming in from a >>>> valid >>>> user. >>>> Basically in the url am passed over an authenticationToken (by >>>> another >>>> application where the user has signed in already). Now in my >>>> AuthenticationFilter i check if that is a valid token and if yes i >>>> want >>>> to >>>> set some attribute (isAuthenticated etc) in wicket-session, . >>>> >>>> The problem is that the wicket session has yet not been created >>>> (because >>>> this is the first request to the wicket app, intercepted by the >>>> filter), >>>> and >>>> hence i get this error "you can only locate or create sessions in >>>> the >>>> context of a request cycle", when i try do a Session.get(). >>>> >>>> I am already using WicketSessionFilter which would expose my wicket >>>> session >>>> to my non-wicket filter. The problem is just for the first >>>> request, where >>>> a >>>> wicket session yet doesnt exist. >>>> >>>> I am thinking of using HttpSession directly in my filter and store >>>> all >>>> the >>>> session data there, but before i do so, i thought to check if >>>> anyone has >>>> a >>>> better work around, ideally i would want to avoid using it. >>>> >>>> Thanks in advance >>>> >>>> Farhan >>>> -- >>>> View this message in context: >>>> http://www.nabble.com/Can-only-locate-or-create-session-in-the-context-of-a-request-cycle.-tp16693084p16693084.html >>>> Sent from the Wicket - User mailing list archive at Nabble.com. >>>> >>>> >>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: [EMAIL PROTECTED] >>>> For additional commands, e-mail: [EMAIL PROTECTED] >>>> >>>> >>> >>> >> >> -- >> View this message in context: >> http://www.nabble.com/Re%3A-Can-only-locate-or-create-session-in-the-context-of-a-request-cycle.-tp16696797p16703394.html >> Sent from the Wicket - User mailing list archive at Nabble.com. >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- View this message in context: http://www.nabble.com/Re%3A-Can-only-locate-or-create-session-in-the-context-of-a-request-cycle.-tp16696797p16727266.html Sent from the Wicket - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]