Details
-
Bug
-
Status: Open
-
Major
-
Resolution: Unresolved
-
6.6.0
-
None
Description
I'm having an issue with HttpsMapper not switching to SSL when there is no JSESSIONID cookie. It's happening with wicket-auth-roles when the user goes to the home page, which need authentication. I have this code in my init method in my WebApplication class.
getSecuritySettings().setAuthorizationStrategy(new IAuthorizationStrategy()
{
@Override
public <T extends IRequestableComponent> boolean isInstantiationAuthorized(Class<T> componentClass)
{
if (AuthenticatedWebPage.class.isAssignableFrom(componentClass))
return true;
}
@Override
public boolean isActionAuthorized(Component component, Action action)
});
HomePage implements AuthenticatedWebPage and LoginPage has the @RequireHttps annotation. This only seems to happen when there is no JSESSIONID cookie. The URL looks like this:
when it should be https://localhost:8443/login. If I try it a second time after the cookie has been created it works fine. This is not a problem when I go straight to http://localhost:8080/login (works fine then).
Attachments
Attachments
Issue Links
- is blocked by
-
WICKET-5621 Store more information to/with BufferedWebResponse that survives multi-RequestCycle redirect
- Open
- links to