urls are session-relative. meaning a url you get from one session will not work in another. if you want urls to work across session, such as the case with bookmarkable pages - http://server.com/view/profile/15 - you must explicitly mount the page to the url.
-igor On Thu, Sep 18, 2008 at 9:02 AM, cj91 <[EMAIL PROTECTED]> wrote: > > My company is planning an extremely large web project and Wicket is a > candidate for use. My manager pointed out some unsettling words on the > Wicket FAQ, which are ambiguous unfortunately. > http://wicket.apache.org/features.html > >>>>Wicket is secure by default. URLs do not expose sensitive information and > all component paths are >>>>session-relative. Explicit steps must be taken to share information > between sessions. There are plans >>>>for the next version of Wicket to add URL encryption to support highly > secure web sites. > > > Can someone please elaborate on what is meant by "Explicit steps must be > taken to share information between sessions." > > Thank you, > -Jonathan > -- > View this message in context: > http://www.nabble.com/Wicket-not-secure--tp19556259p19556259.html > Sent from the Wicket - User mailing list archive at Nabble.com. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]