dont use a wicket form if you dont want it processed by wicket. -igor
On Mon, Dec 7, 2009 at 3:45 AM, Alfredo Aleandri <[email protected]> wrote: > Hi all, > I've setup my container-authentication (form based) using a simple > SigninPage (mounted on /login) and a dummy protected url "/protected", here > is the web.xml relevant code: > > <security-constraint> > <web-resource-collection>w > <web-resource-name>myapp</web-resource-name> > <url-pattern>/protected</url-pattern> > <http-method>GET</http-method> > <http-method>POST</http-method> > </web-resource-collection> > </security-constraint> > <login-config> > <auth-method>FORM</auth-method> > <form-login-config> > <form-login-page>/login</form-login-page> > <form-error-page>/error</form-error-page> > </form-login-config> > </login-config> > > I've extended AbstractPageAuthorizationStrategy to redirect all protected > pages access to the container-protected url (/protected) and activate the > container authentication. > > When the user request a protected page, for example "GET /app/protected > HTTP/1.1" all works good: the configured <form-login-page> is returned as > response and the requested url will not change as expected. > The login page contains a form with two input (username/password) and a > combo for user profiles, so I need to post to the sign in page to load > available user profiles. > > The problem is that the form action attribute created by wicket is something > like "?wicket:interface=:0:privateLogin::IFormSubmitListener::" that produce > a POST to "/app/protected?wicket:interface=:0:privateLogin:ajaxButton::" > INSTEAD OF "/app/login". > This cause a new sign in page instantiation discarding user input. How can I > obtain to POST to the sign in page instead of the requested url > (/app/protected) ? > > I don't want to do a redirect to login page (that trick works) because I > would like to avoid the user bookmark the login page that prevent to > activate the container-based authentication. > > Thank you > > alf > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
