Apache Wicket › Users forum

WicketSessionFilter and ignorePaths in WicketFilter

Classic

List

Threaded

4 messages Options

hok

WicketSessionFilter and ignorePaths in WicketFilter

Hello,
I'm having an application which uses cometd, so I have a separate CometdServlet for this. In order to use the wicket session in the CometdServlet I also have a WicketSessionFilter:

<filter>
<filter-name>wicket.carparts</filter-name>
<filter-class>org.apache.wicket.protocol.http.WicketFilter</filter-class>
<init-param>
<param-name>applicationClassName</param-name>
<param-value>com.carparts.frontend.wicket.application.WicketApplication</param-value>
</init-param>
<init-param>
<param-name>configuration</param-name>
<param-value>development</param-value>
</init-param>
<init-param>
<param-name>ignorePaths</param-name>
<param-value>cometd</param-value>
</init-param>
</filter>

<filter-mapping>
<filter-name>wicket.carparts</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>

<error-page>
<error-code>404</error-code>
<location>/404</location>
</error-page>

<filter>
<filter-name>WicketSessionFilter</filter-name>
<filter-class>org.apache.wicket.protocol.http.servlet.WicketSessionFilter</filter-class>
<init-param>
<param-name>filterName</param-name>
<param-value>wicket.carparts</param-value>
</init-param>
</filter>

<filter-mapping>
<filter-name>WicketSessionFilter</filter-name>
<url-pattern>/cometd/*</url-pattern>
</filter-mapping>

<servlet>
<servlet-name>cometd</servlet-name>
<servlet-class>org.cometd.server.CometdServlet</servlet-class>

......
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>cometd</servlet-name>
<url-pattern>/cometd/*</url-pattern>
</servlet-mapping>

Before adding ignorePaths everything was working fine (CometdServlet had access to the wicket session), however I noticed the following: every time when cometd makes a request to the server a new wicket session is created (and in my case an automatic login is performed, so creating a session is not very "cheap" operation). Because of this I added the ignorePaths parameter for WicketFilter, so no session is created. But after this the CometdServlet doesn't have access to the wicket session anymore:

java.lang.IllegalArgumentException: Argument 'requestCycle' may not be null.
at org.apache.wicket.util.lang.Args.notNull(Args.java:39)
at org.apache.wicket.Application.fetchCreateAndSetSession(Application.java:1487)
at org.apache.wicket.Session.get(Session.java:159)
at com.carparts.frontend.comet.NotificationServlet$1.canSubscribeForNotifications(NotificationServlet.java:70)
at com.carparts.chat.server.ChatService$2.canSubscribe(ChatService.java:158)
at com.carparts.chat.server.SecurityPolicySet.canSubscribe(SecurityPolicySet.java:62)
at org.cometd.server.BayeuxServerImpl.isSubscribeAuthorized(BayeuxServerImpl.java:624)
at org.cometd.server.BayeuxServerImpl.access$1000(BayeuxServerImpl.java:55)
at org.cometd.server.BayeuxServerImpl$SubscribeHandler.onMessage(BayeuxServerImpl.java:1152)
at org.cometd.server.BayeuxServerImpl.doPublish(BayeuxServerImpl.java:784)
at org.cometd.server.BayeuxServerImpl.handle(BayeuxServerImpl.java:572)
at org.cometd.server.transport.LongPollingTransport.handle(LongPollingTransport.java:212)
at org.cometd.server.CometdServlet.service(CometdServlet.java:152)
at org.cometd.server.CometdServlet.service(CometdServlet.java:121)
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:534)

Is it possible to keep the ignorePaths parameter and still keep the session accessible from CometdServlet? If not, is it possible not to create a new session on every cometd request (may be I have some configuration errors)? Thanks in advance.

Remove Ads

hok

Re: WicketSessionFilter and ignorePaths in WicketFilter

Hello,
after some investigation I reached to the following:
when a wicket session is created it is added as attribute to the HttpSession:
HttpSessionStore.bind(), and inside it

setAttribute(request, getSessionAttribute(), newSession);

If we assume that inside web.xml the WicketFilter name is "WICKET_FILTER", the getSessionAttribute() method returns "sessionWICKET_FILTER". Then, inside
setAttribute(request, getSessionAttribute(), newSession);
the attribute name, by which the wicket session will be stored in the HttpSession is formed as
String attributeName = getSessionAttributePrefix(request) + name;, where name is "sessionWICKET_FILTER" and getSessionAttributePrefix(request) returns "wicket:WICKET_FILTER:"
As a result of all this the wicket session is stored in HttpSession with attribute named
"wicket:WICKET_FILTER:sessionWICKET_FILTER"

On the other hand when the WicketSessionFilter is asked for the session, it forms it's own attribute value of the stored session:
Inside WicketSessionFilter.getSession() (line 208):
sessionKey = application.getSessionAttributePrefix(null, filterName) + Session.SESSION_ATTRIBUTE_NAME;, where
application.getSessionAttributePrefix(null, filterName) returns "wicket:WICKET_FILTER:" and Session.SESSION_ATTRIBUTE_NAME is "session". As a result WicketSessionFilter tries to get the session with attribute named "wicket:WICKET_FILTER:session"

The attribute names from HttpSessionStore ("wicket:WICKET_FILTER:sessionWICKET_FILTER") and WicketSessionFilter("wicket:WICKET_FILTER:session") are different and the session cannot be retrieved.

Martin Grigorov-4

Re: WicketSessionFilter and ignorePaths in WicketFilter

Is this Wicket 1.5 ?
Create a quickstart and attach it to Jira.

On Fri, Jun 3, 2011 at 2:24 PM, hok <[hidden email]> wrote:

> Hello,
> after some investigation I reached to the following:
> when a wicket session is created it is added as attribute to the
> HttpSession:
> HttpSessionStore.bind(), and inside it
>
> setAttribute(request, getSessionAttribute(), newSession);
>
> If we assume that inside web.xml the WicketFilter name is "WICKET_FILTER",
> the getSessionAttribute() method returns "sessionWICKET_FILTER". Then,
> inside
> setAttribute(request, getSessionAttribute(), newSession);
> the attribute name, by which the wicket session will be stored in the
> HttpSession is formed as
> String attributeName = getSessionAttributePrefix(request) + name;, where
> name is "sessionWICKET_FILTER" and getSessionAttributePrefix(request)
> returns "wicket:WICKET_FILTER:"
> As a result of all this the wicket session is stored in HttpSession with
> attribute named
> "wicket:WICKET_FILTER:sessionWICKET_FILTER"
>
> On the other hand when the WicketSessionFilter is asked for the session, it
> forms it's own attribute value of the stored session:
> Inside WicketSessionFilter.getSession() (line 208):
> sessionKey = application.getSessionAttributePrefix(null, filterName) +
> Session.SESSION_ATTRIBUTE_NAME;, where
> application.getSessionAttributePrefix(null, filterName) returns
> "wicket:WICKET_FILTER:" and Session.SESSION_ATTRIBUTE_NAME is "session". As
> a result WicketSessionFilter tries to get the session with attribute named
> "wicket:WICKET_FILTER:session"
>
> The attribute names from HttpSessionStore
> ("wicket:WICKET_FILTER:sessionWICKET_FILTER") and
> WicketSessionFilter("wicket:WICKET_FILTER:session") are different and the
> session cannot be retrieved.
>
>
>
>
> --
> View this message in context: http://apache-wicket.1842946.n4.nabble.com/WicketSessionFilter-and-ignorePaths-in-WicketFilter-tp3570291p3570577.html
> Sent from the Users forum mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>

--
Martin Grigorov
jWeekend
Training, Consulting, Development
http://jWeekend.com

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

hok

Re: WicketSessionFilter and ignorePaths in WicketFilter

Yes, it's wicket 1.5
https://issues.apache.org/jira/browse/WICKET-3769