Hi again Igor,
I did the following now:
I called the website directly with https://localhost:8443/projectname and then
I performed a login and it worked.
Any idea?
Thx Arthur
________________________________
Von: Igor Vaynberg <igor.vaynb...@gmail.com>
An: users@wicket.apache.org
Gesendet: Sonntag, den 26. Juli 2009, 22:22:22 Uhr
Betreff: Re: AW: SSL - ajax login
the href is not a problem; you seeing # appended to the end of the url
is the correct behavior. what should have happened was the ajax call
to that https url in the background.
so what you should be looking into is why the ajax call with that
https url was never made or response from it not processed, since we
know the url itself works - because you pasted it into the browser and
it worked. maybe wicket ajax console can give you a clue, firebug also
has facilities that let you monitor requests being made. you should
see a call to that https url when you click the link.
-igor
On Sun, Jul 26, 2009 at 1:15 PM, Arthur Leigh
Allen<arthurleigh.al...@yahoo.de> wrote:
> Hi Igor,
>
> I used Firebug to have a look at the onClick event.
> I've inspected two links, one usual ajax link and one for the ssl login.
>
> ----
>
> Regarding the first link:
> href="?wicket:interface=:6:content:container:areaTop:2:panelTop:container:loginForm:linkForgotLogin:container:link::ILinkListener::"
>
> onClick="var
> wcall=wicketAjaxGet('?wicket:interface=:6:content:container:areaTop:2:panelTop:container:loginForm:linkForgotLogin:container:link::IBehaviorListener:0:',null,null,
> function() {return Wicket.$('link141') != null;}.bind(this));return !wcall;"
>
> ----
>
> Regarding the ssl login link:
> href="#"
>
> onClick="var wcall=wicketSubmitFormById('loginForm13b',
> 'https://localhost:8443/projectname/?wicket:interface=:6:content:container:areaTop:2:panelTop:container:loginForm:buttonLogin:container:link::IActivePageBehaviorListener:0:&wicket:ignoreIfNotActive=true',
> 'buttonLogin:container:link' ,null,null, function() {return
> Wicket.$$(this)&&Wicket.$$('loginForm13b')}.bind(this));;; return false;"
>
> ----
>
> I clicked on the ssl login link and the page jumped to the anchor # but the
> form is not submitted. The symbol # was appended to the address bar of the
> browser.
> I copied the url in the onClick event and entered it manually in the address
> bar of my browser. The xml code for the ajax response was shown in the
> browser - as known from wicket ajax debug.
>
> I guess the problem is the href attribute. I would expect to see an url like
> https://localhost:8443/projectname/wicket:interface=:6:content:container:areaTop:2:panelTop:container:loginForm:buttonLogin:container:link::
> [etc.]
>
> Do you have any idea how I can solve the problem?
>
> Thx,
> Arthur
>
>
>
>
>
>
>
> ________________________________
> Von: Igor Vaynberg <igor.vaynb...@gmail.com>
> An: users@wicket.apache.org
> Gesendet: Freitag, den 24. Juli 2009, 21:51:48 Uhr
> Betreff: Re: AW: SSL - ajax login
>
> whatever url you see when hovering over the link is not the url used
> for ajax - not necessarily. you should inspect the onclick handlers.
>
> -igor
>
> On Fri, Jul 24, 2009 at 12:20 PM, Arthur Leigh
> Allen<arthurleigh.al...@yahoo.de> wrote:
>> no, sorry... the url is not changing to http://locahost:8080/projectname/#
>> but when I hold the mouse pointer over the link, I see the url in the status
>> bar. When I hold the mouse pointer over other links, I see very long urls a
>> la http://localhost:8080/projectname/;jsessionid=....wicket:interface.....
>>
>> But as you suggested, I'll debug the javascript to see the url modifications.
>> Thank you for your support Igor!
>>
>> Have a nice weekend.
>> Greetz, Arthur
>>
>>
>>
>> ________________________________
>> Von: Igor Vaynberg <igor.vaynb...@gmail.com>
>> An: users@wicket.apache.org
>> Gesendet: Freitag, den 24. Juli 2009, 17:30:27 Uhr
>> Betreff: Re: AW: SSL - ajax login
>>
>> no, i havent tried it myself. i never had to do an ajax login.
>>
>> the url in the browser changes to http://locahost:8080/projectname/# ?
>> thats fine. the main part is what the actual ajax url is used - you
>> wont see that in the browser's bar. i suggest you use firebug or
>> something similar to walk the javascript and see why your *ajax* url
>> is being mangled.
>>
>> obviously if you return just "https://localhost:8443/projectname"; that
>> will not work because that doesnt have the listener interface target
>> that will hit the behavior in your button.
>>
>> -igor
>>
>>
>> On Fri, Jul 24, 2009 at 2:19 AM, Arthur Leigh
>> Allen<arthurleigh.al...@yahoo.de> wrote:
>>> Hi Igor,
>>>
>>> I tried to do it as simple as possible so I returned
>>> https://localhost:8443/projectname in the overridden method getCallbackUrl
>>> of AjaxFormSubmitBehavior. The result was the same. The link pointed to the
>>> url http://locahost:8080/projectname/#. It seems to me that only relative
>>> pathes can be returned, else the standard url will be used.
>>>
>>> I wanted to understand how the given url is used in wicket. I found the
>>> method wicketAjaxGet in wicket-ajax.js. There the url is passed to
>>> Wicket.Ajax.Call(...). I couldn't trace the call deeper because I couldn't
>>> find Call() in any javascript file.
>>>
>>> Have you tried it yourself Igor? Does it work?
>>> I'm using wicket 1.3.5. Does it depend on the version I use?
>>>
>>> Is there a different entry point to manipulate the url for ajax calls?
>>>
>>> Thx again
>>> Arthur
>>>
>>>
>>>
>>> ________________________________
>>> Von: Igor Vaynberg <igor.vaynb...@gmail.com>
>>> An: users@wicket.apache.org
>>> Gesendet: Donnerstag, den 23. Juli 2009, 16:37:22 Uhr
>>> Betreff: Re: AW: SSL - ajax login
>>>
>>> javascript invokes the url you give it, so it looked like it should
>>> work. you might have to trace deeper to see whats going on.
>>>
>>> -igor
>>>
>>> On Thu, Jul 23, 2009 at 4:41 AM, Arthur Leigh
>>> Allen<arthurleigh.al...@yahoo.de> wrote:
>>>> Hi Igor,
>>>>
>>>> I did it as you said.
>>>> I took the code from AjaxFallbackButton and I copied it to an own class.
>>>> In the constructor I overwrite the getCallbackUrl() method of the
>>>> AjaxFormSubmitBehavior.
>>>> I added the value https://localhost:8443/projectname/ as a prefix to
>>>> super.getCallbackUrl().
>>>> By the way: getCallbackUrl() returns a long relative url beginning with
>>>> ";sessionid".
>>>> So my url is https://localhost:8443/projectname/;sessionid...
>>>>
>>>> When starting tomcat and accessing the website, the url wasn't applied.
>>>> When clicking the link, the url http://localhost:8080/projectname/# was
>>>> called.
>>>> I believe it's the wrong place to manipulate the url. Maybe it is expected
>>>> to return a relative path
>>>> beginning with ";sessionid". That url is maybe manipulated at a different
>>>> place, so in my case the
>>>> end result would be
>>>> http://localhost:8080/projectname/https://localhost:8443/projectname/;sessionid.
>>>> That would result in an error and maybe
>>>> http://localhost:8080/projectname/# is used therefore.
>>>>
>>>> Am I wrong?
>>>>
>>>> Thx
>>>> Arthur
>>>>
>>>>
>>>>
>>>>
>>>> ________________________________
>>>> Von: Igor Vaynberg <igor.vaynb...@gmail.com>
>>>> An: users@wicket.apache.org
>>>> Gesendet: Mittwoch, den 22. Juli 2009, 18:31:27 Uhr
>>>> Betreff: Re: AW: SSL - ajax login
>>>>
>>>> ah, i thought i replied already because i looked into this yesterday.
>>>>
>>>> you will have to roll your own button. i would recommend looking at
>>>> the sourcecode of the default button. when you add the
>>>> formsubmitbehavior in your button you can override getcallbackurl()
>>>> and append https to it.
>>>>
>>>> -igor
>>>>
>>>> On Wed, Jul 22, 2009 at 2:37 AM, Arthur Leigh
>>>> Allen<arthurleigh.al...@yahoo.de> wrote:
>>>>> Hi again,
>>>>>
>>>>> I need to know if it's possible to switch to SSL via button or form.
>>>>> Otherwise I have to switch back to wicket 1.3.5. I'm in hurry because
>>>>> we will go online within the next 10-14 days.
>>>>>
>>>>> Can anyone give me a prompt answer please?
>>>>>
>>>>> Thx & Best regards
>>>>> Arthur
>>>>>
>>>>>
>>>>>
>>>>> ________________________________
>>>>> Von: Arthur Leigh Allen <arthurleigh.al...@yahoo.de>
>>>>> An: users@wicket.apache.org
>>>>> Gesendet: Dienstag, den 21. Juli 2009, 19:18:18 Uhr
>>>>> Betreff: AW: SSL - ajax login
>>>>>
>>>>> Hello Igor,
>>>>>
>>>>> thanks for your early reply.
>>>>> Yes, my login form is submitted via ajax.
>>>>>
>>>>> public class BasePage {
>>>>>
>>>>> public void switchViaAjax(...) { ... }
>>>>> public void navigateViaAjax(...) { ... }
>>>>>
>>>>> }
>>>>>
>>>>> @RequireHttps
>>>>> public class SSLForm extends Form { ... }
>>>>>
>>>>> public class LoginPanel {
>>>>>
>>>>> public LoginPanel() { ... }
>>>>>
>>>>> public create() {
>>>>> SSLForm form = new SSLForm("loginForm");
>>>>> form.add(username);
>>>>> form.add(password);
>>>>>
>>>>> AjaxFallbackButton loginButton = new
>>>>> AjaxFallbackButton("loginButton", form) {
>>>>> protected void onSubmit(AjaxRequestTarget target, Form form) {
>>>>> // perform login => login is done via http
>>>>> }
>>>>> }
>>>>> }
>>>>> }
>>>>>
>>>>> As you said @RequireSSL is for pages.
>>>>> Do you have any idea how I can remove @RequireHttps from the top of my
>>>>> BasePage and switch to https on login?
>>>>> Currently I think the only way to provide a ssl ajax call is to show the
>>>>> base page via ssl as a starting basis.
>>>>>
>>>>> Therefore I have to use @RequireSSL on the BasePage but that means every
>>>>> communication is done via ssl
>>>>> and that means more server ballast and a slower page refresh.
>>>>>
>>>>> Greetings
>>>>> Arthur
>>>>>
>>>>>
>>>>>
>>>>> ________________________________
>>>>> Von: Igor Vaynberg <igor.vaynb...@gmail.com>
>>>>> An: users@wicket.apache.org
>>>>> Gesendet: Dienstag, den 21. Juli 2009, 18:08:48 Uhr
>>>>> Betreff: Re: SSL - ajax login
>>>>>
>>>>> @RequreHttps is meant to be a page-level feature, so it doesnt fit your
>>>>> usecase.
>>>>>
>>>>> is your login form submitted via ajax?
>>>>>
>>>>> show us the code to sslform, your login form - making sure to include
>>>>> the code to the component that submits it.
>>>>>
>>>>> -igor
>>>>>
>>>>> On Tue, Jul 21, 2009 at 8:34 AM, Arthur Leigh
>>>>> Allen<arthurleigh.al...@yahoo.de> wrote:
>>>>>> Hello folks,
>>>>>>
>>>>>> I'm using wicket 1.4 RC7 now and I have a question regarding the usage
>>>>>> of ssl.
>>>>>> I use the HttpsRequestCycleProcessor with the annotation @RequireHttps.
>>>>>>
>>>>>> Imagine the following case like it is realized on different sites like
>>>>>> web.de or gmx.de as well as xing.com.
>>>>>> The first call will result in a http url. If you enter your login name
>>>>>> and your password and submit the form,
>>>>>> then the form will be send via https.
>>>>>>
>>>>>> I only have one page. Everything on my page is exchanged via ajax. The
>>>>>> login is also done via ajax.
>>>>>> Currently I use the annotation above for my BasePage but from the first
>>>>>> call, the whole communication
>>>>>> is done with ssl.
>>>>>>
>>>>>> What I would like to realize is: Using the @RequireHttps annotation on
>>>>>> forms or submit buttons.
>>>>>> I implemented an own SSLForm class extending the wicket form class with
>>>>>> the annotation.
>>>>>> But when I use the SSLForm for my login, the communication is done
>>>>>> without ssl.
>>>>>> I would like to use my page via http, but the ajax login should be done
>>>>>> with ssl.
>>>>>>
>>>>>> The only thing I can do now is:
>>>>>> -page completely with ssl
>>>>>> -page completely without ssl
>>>>>>
>>>>>> I would appreciate any help.
>>>>>>
>>>>>> Best regards,
>>>>>> Arthur
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
>>>>> For additional commands, e-mail: users-h...@wicket.apache.org
>>>>>
>>>>>
>>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
>>>> For additional commands, e-mail: users-h...@wicket.apache.org
>>>>
>>>>
>>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
>>> For additional commands, e-mail: users-h...@wicket.apache.org
>>>
>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
>> For additional commands, e-mail: users-h...@wicket.apache.org
>>
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
> For additional commands, e-mail: users-h...@wicket.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
