2

Currently I'm developing an REST webservice for an PACS viewer (medical images). This webservice needs to have encrypted/obfuscated parameters to ensure users cant fuzz with the parameters to get data from other patients.

In an Wicket panel im setting an Session attribute:

wicketSession.setAttribute("study", studyInstanceUID);

I want to access this attribute in the Jersey webservice, but the session doesn't contain any attributes in my jersey webservice. It seems like it is not injected or retrieved? Instead of that it creates a new? session with the current SessionID sent from the client.

I've created an filter and mapper for the jersey webservice:

<filter-mapping>
    <filter-name>WicketSessionFilter</filter-name>
    <url-pattern>/pacsviewer/*</url-pattern>
</filter-mapping>

But this doesn't seem to make any difference? I think I'm doing something wrong with the injection or state of the webservice?

Brian Tompsett - 汤莱恩
  • 5,753
  • 72
  • 57
  • 129
user1226868
  • 1,708
  • 5
  • 18
  • 29
  • Are your filters in the right order, i.e. the session filter is before the Jersey filter? I've been using the filter to access the wicket session from Resteasy and it worked fine so far. – Thomas Apr 02 '13 at 15:30

2 Answers2

3

If you write your own filter you can read in the underlying HttpSession the object corresponding to your Wicket Session is located under the "wicket:${filterName}:session" attribute when you put the following in your web.xml

<filter>
    <filter-name>SessionFilter</filter-name>
    <filter-class>org.apache.wicket.protocol.http.servlet.WicketSessionFilter</filter-class>
    <init-param>
        <param-name>filterName</param-name>
        <!-- expose the session of the input example app -->
        <param-value>wicket.Main</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>SessionFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>

Then you can get the Wicket Session object with the following Java code in your own filter for example (add null checks and other boilerplate code): 

 HttpSession session = httpRequest.getSession(false);
 WebSession wicketSession = session.getAttribute("wicket:wicket.Main:session");
 //do whatever you want with this
 //I think a wicketSession.getAttribute("study")
Cedric Gatay
  • 1,553
  • 3
  • 12
  • 17
0

Is your session object bound to the HttpSession? Wicket will try to delay actual tracking a session until it encounters a stateful page (for example a page with AJAX functionality). You can bind the session using:

getSession().bind();

This will ensure that Wicket's session is bound and persisted in the container's HttpSession, and that the container will track the session.

Martijn Dashorst
  • 3,652
  • 17
  • 26