Hi there, I am using Wicket 1.4.19 and trying to do what the subject says: Avoid creating an HttpSession before the user logs in. Why would I want to allocate memory for an unauthorized user, right?
I can make my login page stateless and if the user hits the login page URL no session is created yet (https://cwiki.apache.org/WICKET/stateless-pages.html). So far so good. BUT: If the user hits any other URL (such as the context root), she is redirected to the login page and the redirect creates an HttpSession! This is because onUnauthorizedInstantiation we throw a new RestartResponseAtInterceptPageException(LoginPage.class), which sets up a redirect through the page map, which creates a session. Is there any other way to redirect the user to an intercept page without using HttpSession at all? Would it be possible to redirect the user without using the page Map? And maybe save the original URL, client side, to use it after log in. Thanks so much --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org For additional commands, e-mail: users-h...@wicket.apache.org
