Hi, I also have the problem with resources if I mount the application on anything else but "/". Following changes seem to fix it either form "/" and "/xxx":
1-SecureForm public class SecureForm<T> extends Form<T> { private static final long serialVersionUID = 1L; /** * Constructor. * * @param id See Component */ public SecureForm(String id) { super(id); } /** * @param id See Component * @param model See Component * * @see org.apache.wicket.Component#Component(String, IModel) */ public SecureForm(String id, IModel<T> model) { super(id, model); } /* * (non-Javadoc) * @see org.apache.wicket.markup.html.form.Form#onComponentTag(org.apache.wicket.markup.ComponentTag) */ @Override protected void onComponentTag(ComponentTag tag) { super.onComponentTag(tag); String action = tag.getAttribute("action"); if(!action.startsWith("http")) action = RequestUtils.toAbsolutePath(action); // rewrite action to use HTTPs if(!action.startsWith("https")) action = replacePort("https"+action.substring(4)); tag.put("action", action); } private String replacePort(String action) { RequestCycle requestCycle = RequestCycle.get(); SecureHttpsRequestCycleProcessor processor = (SecureHttpsRequestCycleProcessor)requestCycle.getProcessor(); Integer port = processor.getConfig().getHttpPort(); Integer httpsPort = processor.getConfig().getHttpsPort(); action.replace(":"+Integer.toString(port)+"/", ":"+Integer.toString(httpsPort)+"/"); return action; } } 2-SecureBufferedWebResponse.getUrl protected String getUrl(String protocol, Integer port, HttpServletRequest request, String queryString) { if(queryString.startsWith("http") || queryString.startsWith("https")) return queryString; StringBuilder result = new StringBuilder(); result.append(protocol); result.append("://"); result.append(request.getServerName()); if (port != null) { result.append(":"); result.append(port); } result.append(request.getRequestURI()); if (queryString != null) { if(queryString.indexOf("../")>=0) { queryString = Strings.replaceAll(queryString, "../", "").toString(); } else if(!queryString.startsWith("?")) result.append("?"); result.append(queryString); } return result.toString(); } Can you try the above and see if it works for you? Ernesto On Wed, Oct 27, 2010 at 9:29 AM, sonxurxo <sonxu...@gmail.com> wrote: > > Hi Ernesto, > > I tried your code and it's working for me, just with one issue I mention at > the end of this post. I had to make just 3 modifications: the method > resolve() stays like this: > > public IRequestTarget resolve(RequestCycle rc, RequestParameters rp) > { > > // if (portConfig.isPreferStateful()) { > Session.get().bind(); > // } > > IRequestTarget target = super.resolve(rc, rp); > return checkSecure(target); > } > > because I can not find the isPreferStateful() method, and the SecureForm > onComponentTag() is like this: > > @Override > protected void onComponentTag(ComponentTag tag) { > super.onComponentTag(tag); > String action = tag.getAttribute("action"); > action = RequestUtils.toAbsolutePath(action); > if(!action.startsWith("https")) { > action = "https" + action.substring(4); > action = > action.replace(String.valueOf(MeteosixApplication.get().getHttpPort()), > > String.valueOf(MeteosixApplication.get().getHttpsPort())); > } > tag.put("action", action); > } > > to also substitute the port numbers in the action (I get them from my > Application class with custom methods). > > and the annotation @SemiSecurePage is not needed at all, since it will enter > the ifs the same, so you can freely remove it. > > The issue is that when validation fails, it does not find the CSS because my > browser is requesting it without the context (e.g. > http://localhost:9090/styles/main/layout.css instead of > http://localhost:9090/myapplication/styles/main/layout.css). Does not it > happen to you? How can I fix that? When does Wicket establish the URL for > static resources like that this? I'm adding it this way: > > add(CSSPackageResource.getHeaderContribution("styles/main/layout.css")); > > The rest of the solution works great, I didn't have much time to inspect it > (I can see the tricky parts :) ) and to check how much > wicket-version-dependent it can be, but I think it's OK (since it's > working!). > > So the only thing is to fix the CSS issue, do you have any idea of how...? > Thank you > -- > View this message in context: > http://apache-wicket.1842946.n4.nabble.com/SSL-Links-and-buttons-tp3001634p3014970.html > Sent from the Users forum mailing list archive at Nabble.com. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org > For additional commands, e-mail: users-h...@wicket.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org