Hi,

I've not done web development work since last using Apache Struts for its MVC framework ( about 6 years ago now ). So bear with me if my questions does not make sense:

SESSIONS

1) Reading through the JSF2 spec PDF, it mentions about state-saving via the StateManager. I presume this is also the same StateManager that it used to store managed-beans that are in @SessionScoped ?

2) In relation to session-scoped managed beans, when does a JSF implementation start a new session ? That is, when does the implementation such as JBoss7 call ExternalContext.getSession( true ) .. and when does it simply uses an existing session ( calling ExternalContext.getSession( false ) ) ?

3) In relation to session-scoped managed beans, when does a JSF implementation invalidate a session ? That is, when does the implementation call ExternalContext.invalidateSession() ?

4) Does ExternalContext.getSession( true ) or ExternalContext.invalidateSession() even make sense if the state-saving mechanism is client ? ( javax.faces.STATE_SAVING_METHOD = client ) Will the JSF implementation ever call these methods if the state-saving mechanism is client ?

When working with Struts long time ago, __I__ have to ( or the application developer, not the framework ) decide when to start a new HttpSession and when to invalidate the session.

With JSF, the annotation with @SessionScoped suggests to me that the JSF implementation itself will create an HttpSession by itself, but I would like to know when is a new one created, or when an existing one is used, and when it invalidates the current session.

CONTROLLERS

Most of the JSF2 tutorials that I have been reading on-line uses the same backing-bean when perfoming an action on the form ( when doing a POST or a GET or a post-back to the same page ).

Is this best practice ? It looks like mixing what should have been a simple POJO with additional logic that should really be in a separate class.
What have others done ?