Wicket 6.x, using HttpsMapper
Inside of the Application.init() method add the following.
Note |
---|
It is extemtely important that when setting the rootRequestMapper it is done AFTER you have added any bookmarkable links otherwise they will not be switched over to Secure mode. |
Code Block |
---|
mountPage("/somepage", MyPage.class);
// notice that in most cases this should be done as the
// last mounting-related operation because it replaces the root mapper
setRootRequestMapper(new HttpsMapper(getRootRequestMapper(), new HttpsConfig()));
|
As with previous versions of Wicket, now all you need to do is include the @RequireHttps attribute on your Pages or Components.
Using other methods to determine if Https should be use:
Referencing the example above, override the getDesiredSchemeFor method.
Code Block |
---|
setRootRequestMapper(new HttpsMapper(getRootRequestMapper(), new HttpsConfig()){
@Override
protected Scheme getDesiredSchemeFor(Class pageClass) {
if (getConfigurationType()==RuntimeConfigurationType.DEVELOPMENT) {
log.debug("Dev mode, always use HTTP");
return Scheme.HTTP;
} else {
log.debug("not in development mode, letting the mapper decide, or roll you own solution");
return super.getDesiredSchemeFor(pageClass);
}
}
}); |
—
...
Using HttpsRequestCycleProcessor (after 1.4--rc3)
By replacing the default WebRequestCycleProcessor with the HttpsRequestCycleProcessor, you are able to specify secure pages using the @RequireHttps annotation on your pages. If you wanted a little more control... lets say for development you did not want your annotated pages to use https, you could bypass the Switch Protocol code like this. As of 1.4-rc3 Wicket provides built in support for http/https switching via org.apache.wicket.protocol.https.HttpsRequestCycleProcessor. Please see the javadoc of this class for details
Code Block |
---|
@Override protected IRequestCycleProcessor newRequestCycleProcessor() { HttpsConfig config = new HttpsConfig(80,443); return new HttpsRequestCycleProcessor(config) { @Override protected IRequestTarget checkSecureIncoming(IRequestTarget target) { if (getConfigurationType().equals(Application.DEVELOPMENT)) { return target; } else { return super.checkSecureIncoming(target); } } @Override protected IRequestTarget checkSecureOutgoing(IRequestTarget target) { if (getConfigurationType().equals(Application.DEVELOPMENT)) { return target; } else { return super.checkSecureOutgoing(target); } } }; } |
For The Entire Application
...