On Wed, Apr 11, 2018 at 9:26 AM, Maxim Solodovnik <solomax...@gmail.com> wrote:
> Martin, > > Will > throw new AbortWithHttpErrorCodeException(410, "Unauthorized"); > also do the job? > Probably. But I remember a ticket saying that throwing (WicketRuntime?!)Exception doesn't work well in IRequestCycleListener#onBeginRequest > > On Wed, Apr 11, 2018 at 1:24 PM, Martin Grigorov <mgrigo...@apache.org> > wrote: > > > Hi, > > > > On Tue, Apr 10, 2018 at 11:49 PM, Lon Varscsak <lon.varsc...@gmail.com> > > wrote: > > > > > I have a need to build some apps (or mount points) to check if the > source > > > is coming from an internal IP and if not, present the user with an > > > "unauthorized" request. I know how to check client IP and what not, > but > > > I'm not sure how to generate programmatically a simple WebResponse that > > is > > > just some text with a status code. > > > > > > 1) I'm currently using IRequestCycleListener to listen and then hijack > > the > > > response. Not sure if this is the appropriate place. > > > > > > > This is the Wicket way. > > You can also use plain Servlet Filter to do it even before Wicket has a > > chance to see the request. > > > > > > > 2) How do you programmatically generate a response without implementing > > all > > > the methods of WebResponse. At the point that the > IRequestCycleListener > > > the response that is in the cycle already has content. Basically I > want > > to > > > throw that away and return "Unauthorized"/401. > > > > > > > requestCycle.replaceAllRequestHandlers(new ErrorCodeRequestHandler(401, > > "Unauthorized")) > > > > > > > > > > Any thoughts or suggestions? > > > > > > Thanks! > > > > > > Lon > > > > > > > > > -- > WBR > Maxim aka solomax >