Wicket
  1. Wicket
  2. WICKET-4251

Multipart Form and AjaxSubmitLink will result in invalid redirect after user session expires

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 1.5.3
    • Fix Version/s: 1.5.4, 6.0.0-beta1
    • Component/s: wicket
    • Labels:
      None
    • Environment:
      JDK_1.6_027/Windows/Linux/Explorer/Chrome/Firefox

      Description

      Hi,

      I have hit an issue similar to this one:

      https://issues.apache.org/jira/browse/WICKET-3141

      I do not receive any errors from Wicket itself to help clarify, so I will try to explain using an example.

      The example below with which I could recreate the issue uses the default SignInPanel (in my LoginPage.clas) and AuthenticatedWebSession to authenticate the user and store the session:

      protected Class<? extends WebPage> getSignInPageClass()

      { return LoginPage.class; }

      If the authentiation is succesfull then the user is redirect back to the test page:

      protected void onSignInSucceeded()

      { setResponsePage(Test.class); }

      So far so good. However if I use a form with setMultiPart(true) in combination with an AjaxSubmitLink as shown in the following piece of code:

      import org.apache.wicket.ajax.AjaxRequestTarget;
      import org.apache.wicket.ajax.markup.html.form.AjaxSubmitLink;
      import org.apache.wicket.authroles.authorization.strategies.role.annotations.AuthorizeInstantiation;
      import org.apache.wicket.markup.html.WebPage;
      import org.apache.wicket.markup.html.form.Form;

      @AuthorizeInstantiation("USER")
      public class Test extends WebPage {

      public Test()
      {
      super();

      final Form testForm =
      new Form("testForm");

      testForm.setMultiPart(true);

      testForm.add(new AjaxSubmitLink("testButton", testForm) {

      @Override
      protected void onSubmit(AjaxRequestTarget target, Form form)

      { super.onSubmit(); }

      ;

      @Override
      protected void onError(AjaxRequestTarget target, Form form) {

      };
      });

      add(testForm);
      }
      }

      And have selected the option "Remember credentials" in the SignInPanel, clicking on the testButton AFTER the session has expired will result in:

      http://localhost:8080/PaladinWicket/?3-1.IBehaviorListener.0-testForm-testButton&wicket-ajax=true&wicket-ajax-baseurl=.

      which displays this in the browser:

      This XML file does not appear to have any style information associated with it. The document tree is shown below.
      <ajax-response>
      <redirect>
      <![CDATA[ .?1 ]]>
      </redirect>
      </ajax-response>

      1. WICKET-4251.patch
        2 kB
        Martin Grigorov
      2. myproject.rar
        24 kB
        Tom Rixom

        Activity

        Martin Grigorov made changes -
        Status Open [ 1 ] Resolved [ 5 ]
        Assignee Igor Vaynberg [ ivaynberg ] Martin Grigorov [ mgrigorov ]
        Fix Version/s 1.5.4 [ 12319051 ]
        Fix Version/s 6.0.0 [ 12315431 ]
        Resolution Fixed [ 1 ]
        Martin Grigorov made changes -
        Assignee Martin Grigorov [ mgrigorov ] Igor Vaynberg [ ivaynberg ]
        Martin Grigorov made changes -
        Attachment WICKET-4251.patch [ 12505011 ]
        Igor Vaynberg made changes -
        Assignee Martin Grigorov [ mgrigorov ]
        Tom Rixom made changes -
        Attachment myproject.rar [ 12504502 ]
        Tom Rixom made changes -
        Attachment myproject.rar [ 12504501 ]
        Tom Rixom made changes -
        Comment [ Login as test/test and set the "Remember credentials".

        Then wait 1 minute, and click the "Test" button. ]
        Tom Rixom made changes -
        Field Original Value New Value
        Attachment myproject.rar [ 12504501 ]
        Tom Rixom created issue -

          People

          • Assignee:
            Martin Grigorov
            Reporter:
            Tom Rixom
          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development