Hi Igor,

I used Firebug to have a look at the onClick event.
I've inspected two links, one usual ajax link and one for the ssl login.

----

Regarding the first link:
href="?wicket:interface=:6:content:container:areaTop:2:panelTop:container:loginForm:linkForgotLogin:container:link::ILinkListener::"

onClick="var 
wcall=wicketAjaxGet('?wicket:interface=:6:content:container:areaTop:2:panelTop:container:loginForm:linkForgotLogin:container:link::IBehaviorListener:0:',null,null,
 function() {return Wicket.$('link141') != null;}.bind(this));return !wcall;"

----

Regarding the ssl login link:
href="#"

onClick="var wcall=wicketSubmitFormById('loginForm13b', 
'https://localhost:8443/projectname/?wicket:interface=:6:content:container:areaTop:2:panelTop:container:loginForm:buttonLogin:container:link::IActivePageBehaviorListener:0:&wicket:ignoreIfNotActive=true',
 'buttonLogin:container:link' ,null,null, function() {return 
Wicket.$$(this)&&Wicket.$$('loginForm13b')}.bind(this));;; return false;"

----

I clicked on the ssl login link and the page jumped to the anchor # but the 
form is not submitted. The symbol # was appended to the address bar of the 
browser.
I copied the url in the onClick event and entered it manually in the address 
bar of my browser. The xml code for the ajax response was shown in the browser 
- as known from wicket ajax debug.

I guess the problem is the href attribute. I would expect to see an url like 
https://localhost:8443/projectname/wicket:interface=:6:content:container:areaTop:2:panelTop:container:loginForm:buttonLogin:container:link::
 [etc.]

Do you have any idea how I can solve the problem?

Thx,
Arthur



 



________________________________
Von: Igor Vaynberg <igor.vaynb...@gmail.com>
An: users@wicket.apache.org
Gesendet: Freitag, den 24. Juli 2009, 21:51:48 Uhr
Betreff: Re: AW: SSL - ajax login

whatever url you see when hovering over the link is not the url used
for ajax - not necessarily. you should inspect the onclick handlers.

-igor

On Fri, Jul 24, 2009 at 12:20 PM, Arthur Leigh
Allen<arthurleigh.al...@yahoo.de> wrote:
> no, sorry... the url is not changing to http://locahost:8080/projectname/# 
> but when I hold the mouse pointer over the link, I see the url in the status 
> bar. When I hold the mouse pointer over other links, I see very long urls a 
> la http://localhost:8080/projectname/;jsessionid=....wicket:interface.....
>
> But as you suggested, I'll debug the javascript to see the url modifications.
> Thank you for your support Igor!
>
> Have a nice weekend.
> Greetz, Arthur
>
>
>
> ________________________________
> Von: Igor Vaynberg <igor.vaynb...@gmail.com>
> An: users@wicket.apache.org
> Gesendet: Freitag, den 24. Juli 2009, 17:30:27 Uhr
> Betreff: Re: AW: SSL - ajax login
>
> no, i havent tried it myself. i never had to do an ajax login.
>
> the url in the browser changes to http://locahost:8080/projectname/# ?
> thats fine. the main part is what the actual ajax url is used - you
> wont see that in the browser's bar. i suggest you use firebug or
> something similar to walk the javascript and see why your *ajax* url
> is being mangled.
>
> obviously if you return just "https://localhost:8443/projectname"; that
> will not work because that doesnt have the listener interface target
> that will hit the behavior in your button.
>
> -igor
>
>
> On Fri, Jul 24, 2009 at 2:19 AM, Arthur Leigh
> Allen<arthurleigh.al...@yahoo.de> wrote:
>> Hi Igor,
>>
>> I tried to do it as simple as possible so I returned 
>> https://localhost:8443/projectname in the overridden method getCallbackUrl 
>> of AjaxFormSubmitBehavior. The result was the same. The link pointed to the 
>> url http://locahost:8080/projectname/#. It seems to me that only relative 
>> pathes can be returned, else the standard url will be used.
>>
>> I wanted to understand how the given url is used in wicket. I found the 
>> method wicketAjaxGet in wicket-ajax.js. There the url is passed to 
>> Wicket.Ajax.Call(...). I couldn't trace the call deeper because I couldn't 
>> find Call() in any javascript file.
>>
>> Have you tried it yourself Igor? Does it work?
>> I'm using wicket 1.3.5. Does it depend on the version I use?
>>
>> Is there a different entry point to manipulate the url for ajax calls?
>>
>> Thx again
>> Arthur
>>
>>
>>
>> ________________________________
>> Von: Igor Vaynberg <igor.vaynb...@gmail.com>
>> An: users@wicket.apache.org
>> Gesendet: Donnerstag, den 23. Juli 2009, 16:37:22 Uhr
>> Betreff: Re: AW: SSL - ajax login
>>
>> javascript invokes the url you give it, so it looked like it should
>> work. you might have to trace deeper to see whats going on.
>>
>> -igor
>>
>> On Thu, Jul 23, 2009 at 4:41 AM, Arthur Leigh
>> Allen<arthurleigh.al...@yahoo.de> wrote:
>>> Hi Igor,
>>>
>>> I did it as you said.
>>> I took the code from AjaxFallbackButton and I copied it to an own class.
>>> In the constructor I overwrite the getCallbackUrl() method of the 
>>> AjaxFormSubmitBehavior.
>>> I added the value https://localhost:8443/projectname/ as a prefix to 
>>> super.getCallbackUrl().
>>> By the way: getCallbackUrl() returns a long relative url beginning with 
>>> ";sessionid".
>>> So my url is https://localhost:8443/projectname/;sessionid...
>>>
>>> When starting tomcat and accessing the website, the url wasn't applied.
>>> When clicking the link, the url http://localhost:8080/projectname/# was 
>>> called.
>>> I believe it's the wrong place to manipulate the url. Maybe it is expected 
>>> to return a relative path
>>> beginning with ";sessionid". That url is maybe manipulated at a different 
>>> place, so in my case the
>>> end result would be 
>>> http://localhost:8080/projectname/https://localhost:8443/projectname/;sessionid.
>>> That would result in an error and maybe 
>>> http://localhost:8080/projectname/# is used therefore.
>>>
>>> Am I wrong?
>>>
>>> Thx
>>> Arthur
>>>
>>>
>>>
>>>
>>> ________________________________
>>> Von: Igor Vaynberg <igor.vaynb...@gmail.com>
>>> An: users@wicket.apache.org
>>> Gesendet: Mittwoch, den 22. Juli 2009, 18:31:27 Uhr
>>> Betreff: Re: AW: SSL - ajax login
>>>
>>> ah, i thought i replied already because i looked into this yesterday.
>>>
>>> you will have to roll your own button. i would recommend looking at
>>> the sourcecode of the default button. when you add the
>>> formsubmitbehavior in your button you can override getcallbackurl()
>>> and append https to it.
>>>
>>> -igor
>>>
>>> On Wed, Jul 22, 2009 at 2:37 AM, Arthur Leigh
>>> Allen<arthurleigh.al...@yahoo.de> wrote:
>>>> Hi again,
>>>>
>>>> I need to know if it's possible to switch to SSL via button or form.
>>>> Otherwise I have to switch back to wicket 1.3.5. I'm in hurry because
>>>> we will go online within the next 10-14 days.
>>>>
>>>> Can anyone give me a prompt answer please?
>>>>
>>>> Thx & Best regards
>>>> Arthur
>>>>
>>>>
>>>>
>>>> ________________________________
>>>> Von: Arthur Leigh Allen <arthurleigh.al...@yahoo.de>
>>>> An: users@wicket.apache.org
>>>> Gesendet: Dienstag, den 21. Juli 2009, 19:18:18 Uhr
>>>> Betreff: AW: SSL - ajax login
>>>>
>>>> Hello Igor,
>>>>
>>>> thanks for your early reply.
>>>> Yes, my login form is submitted via ajax.
>>>>
>>>> public class BasePage {
>>>>
>>>>     public void switchViaAjax(...) { ... }
>>>>     public void navigateViaAjax(...) { ... }
>>>>
>>>> }
>>>>
>>>> @RequireHttps
>>>> public class SSLForm extends Form { ... }
>>>>
>>>> public class LoginPanel {
>>>>
>>>>     public LoginPanel() { ... }
>>>>
>>>>     public create() {
>>>>         SSLForm form = new SSLForm("loginForm");
>>>>         form.add(username);
>>>>         form.add(password);
>>>>
>>>>         AjaxFallbackButton loginButton = new 
>>>> AjaxFallbackButton("loginButton", form) {
>>>>             protected void onSubmit(AjaxRequestTarget target, Form form) {
>>>>                 // perform login => login is done via http
>>>>             }
>>>>         }
>>>>     }
>>>> }
>>>>
>>>> As you said @RequireSSL is for pages.
>>>> Do you have any idea how I can remove @RequireHttps from the top of my 
>>>> BasePage and switch to https on login?
>>>> Currently I think the only way to provide a ssl ajax call is to show the 
>>>> base page via ssl as a starting basis.
>>>>
>>>> Therefore I have to use @RequireSSL on the BasePage but that means every 
>>>> communication is done via ssl
>>>> and that means more server ballast and a slower page refresh.
>>>>
>>>> Greetings
>>>> Arthur
>>>>
>>>>
>>>>
>>>> ________________________________
>>>> Von: Igor Vaynberg <igor.vaynb...@gmail.com>
>>>> An: users@wicket.apache.org
>>>> Gesendet: Dienstag, den 21. Juli 2009, 18:08:48 Uhr
>>>> Betreff: Re: SSL - ajax login
>>>>
>>>> @RequreHttps is meant to be a page-level feature, so it doesnt fit your 
>>>> usecase.
>>>>
>>>> is your login form submitted via ajax?
>>>>
>>>> show us the code to sslform, your login form - making sure to include
>>>> the code to the component that submits it.
>>>>
>>>> -igor
>>>>
>>>> On Tue, Jul 21, 2009 at 8:34 AM, Arthur Leigh
>>>> Allen<arthurleigh.al...@yahoo.de> wrote:
>>>>> Hello folks,
>>>>>
>>>>> I'm using wicket 1.4 RC7 now and I have a question regarding the usage of 
>>>>> ssl.
>>>>> I use the HttpsRequestCycleProcessor with the annotation @RequireHttps.
>>>>>
>>>>> Imagine the following case like it is realized on different sites like 
>>>>> web.de or gmx.de as well as xing.com.
>>>>> The first call will result in a http url. If you enter your login name 
>>>>> and your password and submit the form,
>>>>> then the form will be send via https.
>>>>>
>>>>> I only have one page. Everything on my page is exchanged via ajax. The 
>>>>> login is also done via ajax.
>>>>> Currently I use the annotation above for my BasePage but from the first 
>>>>> call, the whole communication
>>>>> is done with ssl.
>>>>>
>>>>> What I would like to realize is: Using the @RequireHttps annotation on 
>>>>> forms or submit buttons.
>>>>> I implemented an own SSLForm class extending the wicket form class with 
>>>>> the annotation.
>>>>> But when I use the SSLForm for my login, the communication is done 
>>>>> without ssl.
>>>>> I would like to use my page via http, but the ajax login should be done 
>>>>> with ssl.
>>>>>
>>>>> The only thing I can do now is:
>>>>> -page completely with ssl
>>>>> -page completely without ssl
>>>>>
>>>>> I would appreciate any help.
>>>>>
>>>>> Best regards,
>>>>> Arthur
>>>>>
>>>>>
>>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
>>>> For additional commands, e-mail: users-h...@wicket.apache.org
>>>>
>>>>
>>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
>>> For additional commands, e-mail: users-h...@wicket.apache.org
>>>
>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
>> For additional commands, e-mail: users-h...@wicket.apache.org
>>
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
> For additional commands, e-mail: users-h...@wicket.apache.org
>
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org


      

Reply via email to