so what do we need to do to fix it on our end?

-igor

On Thu, Nov 17, 2011 at 11:34 AM, thomas willomitzer <[email protected]> wrote:
> No I'm afraid ... just tried
>
> On Thu, Nov 17, 2011 at 8:19 PM, Igor Vaynberg <[email protected]>wrote:
>
>> would adding a bogus query param help there? so the url will look like
>> this: localhost/?1&bogus=1
>>
>> -igor
>>
>> On Thu, Nov 17, 2011 at 10:21 AM, thomas willomitzer <[email protected]>
>> wrote:
>> > Fair enough ...
>> >
>> > Looking at org.apache.catalina.connector.Response a url of e.g.
>> > http://localhost/?1 results in a path of length 0 which doesn't append
>> the
>> > jsessionid.
>> >
>> > if( sb.length() > 0 ) { // jsessionid can't be first.
>> >
>> > It's obviously a tomcat issue ... but given the fact that tomcat is
>> widely
>> > used ... can't we do something about that?
>> > Well I did by using ONE_PASS_RENDER ;)
>> >
>> > Thanks
>> > Willo
>> >
>> >    /**
>> >     * Return the specified URL with the specified session identifier
>> >     * suitably encoded.
>> >     *
>> >     * @param url URL to be encoded with the session id
>> >     * @param sessionId Session id to be included in the encoded URL
>> >     */
>> >    protected String toEncoded(String url, String sessionId) {
>> >
>> >        if ((url == null) || (sessionId == null))
>> >            return (url);
>> >
>> >        String path = url;
>> >        String query = "";
>> >        String anchor = "";
>> >        int question = url.indexOf('?');
>> >        if (question >= 0) {
>> >            path = url.substring(0, question);
>> >            query = url.substring(question);
>> >        }
>> >        int pound = path.indexOf('#');
>> >        if (pound >= 0) {
>> >            anchor = path.substring(pound);
>> >            path = path.substring(0, pound);
>> >        }
>> >        StringBuilder sb = new StringBuilder(path);
>> >        if( sb.length() > 0 ) { // jsessionid can't be first.
>> >            sb.append(";");
>> >
>>  sb.append(ApplicationSessionCookieConfig.getSessionUriParamName(
>> >                    request.getContext()));
>> >            sb.append("=");
>> >            sb.append(sessionId);
>> >        }
>> >        sb.append(anchor);
>> >        sb.append(query);
>> >        return (sb.toString());
>> >
>> >    }
>> >
>> >
>> > On Thu, Nov 17, 2011 at 6:52 PM, Igor Vaynberg <[email protected]
>> >wrote:
>> >
>> >> as long as we are passing the /?1 url through
>> >> servletresponse#encoderedirecturl() tomcat is responsible for
>> >> appending the JSESSIONID if its not yet available in a cookie...
>> >>
>> >> -igor
>> >>
>> >> On Thu, Nov 17, 2011 at 2:16 AM, thomas willomitzer <[email protected]>
>> wrote:
>> >> > Hi,
>> >> >
>> >> > Thanks for the advice! I follwed and traced the problem. Think it's a
>> >> > combination of Wicket and Tomcat...
>> >> >
>> >> > When i send the request for http://localhost/, wicket get's the
>> session
>> >> > from tomcat, renders the page and buffers the response (since
>> >> > ONE_PASS_RENDER isn't default).
>> >> > Wicket (1.5.3) also appends the ?1 and sends a 302 redirect to
>> >> > http://localhost/?1 (in the 302 response header the cookie get's
>> >> correctly
>> >> > set - but not appended to the redirect URL).
>> >> > Tomcat (7.0.22) doesn't append jsessionid to an url like
>> >> http://localhost/?1.
>> >> > Looks like it's still the "empty path" and tomcat problem that
>> prohibits
>> >> > the appending of jsessionid.
>> >> >
>> >> > Now when I don't use cookies and follow the request to
>> >> > http://localhost/?1how should wicket know which session we're talking
>> >> > about?
>> >> >
>> >> > Please note that this problem doesn't exist when sending a request to
>> >> e.g.
>> >> > http://localhost/login. I get a correct redirect to
>> >> > http://localhost/login;jsessionid=xxxxxxxxxx.
>> >> >
>> >> > I could think of the following "workaround":
>> >> > 1.) For the homepage use ONE_PASS_RENDER
>> >> >
>> >> > Is this a tomcat/wicket combination problem or am I doing something
>> >> wrong?
>> >> >
>> >> > Many thanks
>> >> > Willo
>> >> >
>> >> > On Wed, Nov 16, 2011 at 7:57 PM, Bertrand Guay-Paquet <
>> >> > [email protected]> wrote:
>> >> >
>> >> >> I don't know of any other specific causes unfortunately...
>> >> >>
>> >> >> Try setting a breakpoint in RequestCycle#onBeginRequest() and see
>> what
>> >> >> happens. Try your page constructor too since it might be closer to
>> the
>> >> >> source of the problem.
>> >> >>
>> >> >> Good luck!
>> >> >> Bertrand
>> >> >>
>> >> >>
>> >> >> On 16/11/2011 12:21 PM, thomas willomitzer wrote:
>> >> >>
>> >> >>> Hi,
>> >> >>>
>> >> >>> Thanks I checked but no getPageParameters() override ;)
>> >> >>>
>> >> >>> Regards
>> >> >>> Thomas
>> >> >>>
>> >> >>> On Wed, Nov 16, 2011 at 6:04 PM, Bertrand Guay-Paquet<
>> >> >>> [email protected]>  wrote:
>> >> >>>
>> >> >>>  Hi,
>> >> >>>>
>> >> >>>> I had a redirect loop once because I added an override to
>> >> >>>> Page#getPageParameters() by mistake. I wanted to use my method to
>> >> >>>> generate
>> >> >>>> a new PageParameters instance for a page but overriding the Page
>> >> method
>> >> >>>> gave your result.
>> >> >>>>
>> >> >>>> It's worth a shot!
>> >> >>>>
>> >> >>>> Regards,
>> >> >>>> Bertrand
>> >> >>>>
>> >> >>>>
>> >> >>>> On 16/11/2011 11:40 AM, thomas willomitzer wrote:
>> >> >>>>
>> >> >>>>  Dear All,
>> >> >>>>>
>> >> >>>>> I've managed to get the jsessionid appended correctly when
>> >> requesting a
>> >> >>>>> page without cookies enabled (wicket 1.5.3, tomcat 7.0.22).
>> >> >>>>>
>> >> >>>>> I get
>> >> >>>>> curl -v --insecure https://localhost/ ->   Location:
>> >> >>>>> https://localhost/?1
>> >> >>>>> curl -v --insecure https://localhost/?1 ->   Location:
>> >> >>>>>
>> >> https://localhost/.;****jsessionid=****D62D2D693854214C847E7A75439909**
>> >> >>>>> **A3<
>> >> https://localhost/.;**jsessionid=**D62D2D693854214C847E7A75439909**A3>
>> >> >>>>> <
>> >> https://localhost/.;**jsessionid=**D62D2D693854214C847E7A75439909**A3<
>> >> https://localhost/.;jsessionid=D62D2D693854214C847E7A75439909A3>
>> >> >>>>> >
>> >> >>>>> curl -v --insecure
>> >> >>>>>
>> >> https://localhost/.;****jsessionid=****D62D2D693854214C847E7A75439909**
>> >> >>>>> **A3<
>> >> https://localhost/.;**jsessionid=**D62D2D693854214C847E7A75439909**A3>
>> >> >>>>> <
>> >> https://localhost/.;**jsessionid=**D62D2D693854214C847E7A75439909**A3<
>> >> https://localhost/.;jsessionid=D62D2D693854214C847E7A75439909A3>>->
>> >> >>>>>   HTTP 404
>> >> >>>>>
>> >> >>>>>
>> >> >>>>> change URL (erasing ".") to
>> >> >>>>> curl -v --insecure
>> >> >>>>>
>> https://localhost/;jsessionid=******D62D2D693854214C847E7A75439909**
>> >> >>>>> **A3<
>> >> https://localhost/;jsessionid=**D62D2D693854214C847E7A75439909**A3>
>> >> >>>>> <
>> >> https://localhost/;**jsessionid=**D62D2D693854214C847E7A75439909**A3<
>> >> https://localhost/;jsessionid=D62D2D693854214C847E7A75439909A3>>->
>> >> >>>>>   Location:
>> >> >>>>>
>> >> >>>>> https://localhost/?1
>> >> >>>>>
>> >> >>>>> When trying in a browser I get the warning that it's a redirect
>> loop.
>> >> >>>>>
>> >> >>>>> Can somebody please point me to what I'm doing wrong here?
>> >> >>>>>
>> >> >>>>> Many Thanks
>> >> >>>>> Thomas
>> >> >>>>>
>> >> >>>>>
>> >> >>>>>  ------------------------------****----------------------------**
>> >> >>>> --**---------
>> >> >>>> To unsubscribe, e-mail: users-unsubscribe@wicket.**apa**che.org<
>> >> http://apache.org>
>> >> >>>> <users-unsubscribe@**wicket.apache.org<
>> >> [email protected]>
>> >> >>>> >
>> >> >>>>
>> >> >>>> For additional commands, e-mail: [email protected]
>> >> >>>>
>> >> >>>>
>> >> >>>>
>> >> >
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: [email protected]
>> >> For additional commands, e-mail: [email protected]
>> >>
>> >>
>> >
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [email protected]
>> For additional commands, e-mail: [email protected]
>>
>>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to