Hi,
I also have the problem with resources if I mount the application on
anything else but "/". Following changes seem to fix it either form
"/" and "/xxx":
1-SecureForm
public class SecureForm<T> extends Form<T>
{
private static final long serialVersionUID = 1L;
/**
* Constructor.
*
* @param id See Component
*/
public SecureForm(String id)
{
super(id);
}
/**
* @param id See Component
* @param model See Component
*
* @see org.apache.wicket.Component#Component(String, IModel)
*/
public SecureForm(String id, IModel<T> model)
{
super(id, model);
}
/*
* (non-Javadoc)
* @see
org.apache.wicket.markup.html.form.Form#onComponentTag(org.apache.wicket.markup.ComponentTag)
*/
@Override
protected void onComponentTag(ComponentTag tag)
{
super.onComponentTag(tag);
String action = tag.getAttribute("action");
if(!action.startsWith("http"))
action = RequestUtils.toAbsolutePath(action);
// rewrite action to use HTTPs
if(!action.startsWith("https"))
action = replacePort("https"+action.substring(4));
tag.put("action", action);
}
private String replacePort(String action) {
RequestCycle requestCycle = RequestCycle.get();
SecureHttpsRequestCycleProcessor processor =
(SecureHttpsRequestCycleProcessor)requestCycle.getProcessor();
Integer port = processor.getConfig().getHttpPort();
Integer httpsPort = processor.getConfig().getHttpsPort();
action.replace(":"+Integer.toString(port)+"/",
":"+Integer.toString(httpsPort)+"/");
return action;
}
}
2-SecureBufferedWebResponse.getUrl
protected String getUrl(String protocol, Integer port,
HttpServletRequest request, String queryString)
{
if(queryString.startsWith("http") ||
queryString.startsWith("https"))
return queryString;
StringBuilder result = new StringBuilder();
result.append(protocol);
result.append("://");
result.append(request.getServerName());
if (port != null)
{
result.append(":");
result.append(port);
}
result.append(request.getRequestURI());
if (queryString != null)
{
if(queryString.indexOf("../")>=0)
{
queryString = Strings.replaceAll(queryString,
"../", "").toString();
} else if(!queryString.startsWith("?"))
result.append("?");
result.append(queryString);
}
return result.toString();
}
Can you try the above and see if it works for you?
Ernesto
On Wed, Oct 27, 2010 at 9:29 AM, sonxurxo <sonxu...@gmail.com> wrote:
>
> Hi Ernesto,
>
> I tried your code and it's working for me, just with one issue I mention at
> the end of this post. I had to make just 3 modifications: the method
> resolve() stays like this:
>
> public IRequestTarget resolve(RequestCycle rc, RequestParameters rp)
> {
>
> // if (portConfig.isPreferStateful()) {
> Session.get().bind();
> // }
>
> IRequestTarget target = super.resolve(rc, rp);
> return checkSecure(target);
> }
>
> because I can not find the isPreferStateful() method, and the SecureForm
> onComponentTag() is like this:
>
> @Override
> protected void onComponentTag(ComponentTag tag) {
> super.onComponentTag(tag);
> String action = tag.getAttribute("action");
> action = RequestUtils.toAbsolutePath(action);
> if(!action.startsWith("https")) {
> action = "https" + action.substring(4);
> action =
> action.replace(String.valueOf(MeteosixApplication.get().getHttpPort()),
>
> String.valueOf(MeteosixApplication.get().getHttpsPort()));
> }
> tag.put("action", action);
> }
>
> to also substitute the port numbers in the action (I get them from my
> Application class with custom methods).
>
> and the annotation @SemiSecurePage is not needed at all, since it will enter
> the ifs the same, so you can freely remove it.
>
> The issue is that when validation fails, it does not find the CSS because my
> browser is requesting it without the context (e.g.
> http://localhost:9090/styles/main/layout.css instead of
> http://localhost:9090/myapplication/styles/main/layout.css). Does not it
> happen to you? How can I fix that? When does Wicket establish the URL for
> static resources like that this? I'm adding it this way:
>
> add(CSSPackageResource.getHeaderContribution("styles/main/layout.css"));
>
> The rest of the solution works great, I didn't have much time to inspect it
> (I can see the tricky parts :) ) and to check how much
> wicket-version-dependent it can be, but I think it's OK (since it's
> working!).
>
> So the only thing is to fix the CSS issue, do you have any idea of how...?
> Thank you
> --
> View this message in context:
> http://apache-wicket.1842946.n4.nabble.com/SSL-Links-and-buttons-tp3001634p3014970.html
> Sent from the Users forum mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
> For additional commands, e-mail: users-h...@wicket.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
