Wicket
  1. Wicket
  2. WICKET-5094

ISecuritySettings#getEnforceMounts(true) prevents access to *all* non-mounted bookmarkable pages

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 6.6.0, 1.5.10
    • Fix Version/s: 6.7.0, 1.5.11
    • Component/s: wicket
    • Labels:
      None

      Description

      ISecuritySettings#setEnforceMounts(true) is meant to be used to prevent access to mounted-pages via BookmarkableMapper, e.g. when Page1.class is mounted:

      http://localhost:8080/niceurl/a/nice/path/to/the/first/page

      ... then the following url will not be accepted:

      http://localhost:8080/niceurl/wicket/bookmarkable/org.apache.wicket.examples.niceurl.Page1

      But starting with Wicket 1.5.x access to all non-mounted pages via BookmarkableMapper is prevented, i.e. no url "http://localhost:8080/niceurl/wicket/bookmarkable/*" is matched.

        Issue Links

          Activity

            People

            • Assignee:
              Sven Meier
              Reporter:
              Sven Meier
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development