Ok, more poking around and here's what I think is happening ...
Accessing the the login page directly via https://.../myWicketApp/login?wicket:bookmarkablePage=:com..... works ok.
after log in the app works ok and take the "https" in the URL as it is from the request...
However, myWicketApp has an AuthorizationStrategy which extends SimplePageAuthorizationStrategy .. and it is when I access the myWicketApp home page and gets redirectToInterceptPage (my login page) that it drops the "https" because it was not requested directly from the client browser but from within the LB ?
is this wrong?
Josh
On 11/6/06, Joshua Lim <[EMAIL PROTECTED]> wrote:
Hi igor
Yes you are right, between the (loadbalancer) LB and apache and Weblogic (internal nework) they are all over http - and only the browser to the LB is SSL...
Is there something at the application level that I can do to make it work ? I am afraid I might have difficulty getting the convincing them reconfigure their "standard" LB setup to always forward with "https"
thanks
JoshOn 11/6/06, Igor Vaynberg < [EMAIL PROTECTED]> wrote:afaik wicket should not mess with http vs https, it works on whatever the request is. so it might be that your loadbalancer forwards the request over http instead of https so to wiket it seems like you are accessing over http?
------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________ Wicket-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/wicket-user
