5 Replies Latest reply on Jan 30, 2012 11:45 AM by assen

    session timeout doesn't work seam3 project

    bjoice

      I migrated my seam2 project to seam3. Here the session timeout doesn't work in seam3 project. Added the following to web.xml.


       

       <session-config>
              <session-timeout>2</session-timeout>
          </session-config>
      
          <error-page>
              <exception-type>?</exception-type>
              <location>/Error.xhtml</location>
          </error-page> 


        • 1. Re: session timeout doesn't work seam3 project
          lightguard

          What else do you have in your application? Do you have a JSF component kit like RichFaces, PrimeFaces, ICEfaces running? We need more information that what you gave us to make any kind of useful statement.

          • 2. Re: session timeout doesn't work seam3 project
            robsonl

            I have similar problem. I cannot force application to redirect to login page when session timeout. I have Seam3/PrimeFaces on JBoss 6.1.


            This is the error exception:


            14:53:32,121 ERROR [STDERR] javax.faces.application.ViewExpiredException: viewId:/home.xhtml - View /home.xhtml could not be restored.
            14:53:32,121 ERROR [STDERR]      at com.sun.faces.lifecycle.RestoreViewPhase.execute(RestoreViewPhase.java:195)



            I tried this in web.xml:



                 <error-page>
                     <exception-type>javax.faces.application.ViewExpiredException</exception-type>
                     <location>/login.xhtml</location>
            </error-page>



            ... but without success. I tried also this:



            @HandlesExceptions
            public class ExceptionHandlers {
               void handleAll(@Handles @WebRequest
                     CaughtException<Throwable> caught, HttpServletResponse response) {
                      response.sendError(500, "You've been caught by Catch!");
               }
            }



            ... i tried also servlet filter to test if session exist and then redirect to login page, but all without success. Always the same error :(


            Is there any other idea?

            • 3. Re: session timeout doesn't work seam3 project
              bjoice

              The project has JSF component kit like RichFaces4.1. I also tried the above and also

              public class ViewEx2.0piredExceptionHandler extends ExceptionHandlerWrapper {
              ..............
               if ((t instanceof ViewExpiredException) || (t instanceof NonexistentConversationException)) {
              }.............
              
              }
              


              As found in one of the website handle session gracefully.

              • 4. Re: session timeout doesn't work seam3 project
                bjoice

                Glassfish3.1.1 server log displays:


                 WARNING: StandardWrapperValve[Faces Servlet]: PWC1406: Servlet.service() for servlet Faces Servlet threw exception
                org.jboss.weld.context.NonexistentConversationException: WELD-000321 No conversation found to restore for id 8
                        at org.jboss.weld.jsf.WeldPhaseListener.activateConversations(WeldPhaseListener.java:108) 



                But it does not get redirected to the error page, as in web.xml


                <session-config>
                        <session-timeout>2</session-timeout>
                    </session-config>
                
                    <error-page>
                        <exception-type>org.jboss.weld.context.NonexistentConversationException</exception-type>
                        <location>/error.xhtml</location>
                    </error-page>
                
                    <error-page>
                        <exception-type>javax.faces.application.ViewExpiredException</exception-type>
                        <location>/error.xhtml</location>
                    </error-page> 



                • 5. Re: session timeout doesn't work seam3 project
                  assen

                  Hi,


                  I have the same problem:


                  1. Seam catch modul does not work with any redirects for me (FacesContext or raw redirect through ServletResponse)


                  2. Seam ViewConfig stuff has huge problems too with session timeout (s. NullPointerExceptionInSeamSecuriry ). The problem persist in 3.1.0.Final.


                  Because of both problems described above, ViewConfig cannot be used in production.


                  Solution that works for me (just for the session-timeout-redirect problem) looks like this:


                    public void observeHttpSessionTimeout(@Observes @Initialized final HttpServletRequestContext aContext,
                                                           final HttpSessionStatus aSessionStatus, final ServletContext aServletContext)
                        throws IOException
                     {
                        if(!aSessionStatus.isActive() && aSessionStatus.get().isNew())
                        {
                           final HttpServletResponse response = aContext.getResponse();
                  
                  
                           final StringBuilder redirect = new StringBuilder(10);
                           redirect.append(aContext.getContextPath());
                           redirect.append(aPageToRedirect);
                           redirect.append("?faces-redirect=true");
                       
                           final String redirectPage = response.encodeRedirectURL(redirect.toString());
                           response.sendRedirect(redirectPage);
                        }
                     }
                  



                  I was forced to implement features like redirecting the user to the original requested url after session-timeout and login using PreLoginEvent / PostLoginEvent construct from Seam Faces, but I don't think this was the intention of the Seam 3 developers.


                  I appreciate any tips from the Seam 3 Faces developers about solutions for the problems described above.