Skip navigation

This project is read only now.

1 Reply Latest reply on Nov 28, 2012 1:33 PM by johanatobm

[seam-2.2.2] security handling sfsb timeout

johanatobm Nov 28, 2012 1:00 PM

Hi,

I'm using de.akquiner.jbosscc:jboss-seam-archetype:1.4 to generate the seam skeleton project.

after successfully build and deployed it to jboss-as 7 i noticed that whenever i tried to login after sometime of inactivity it brings me to the following page:

http://localhost:8080/pb/error.seam?cid=12

but the browser says:

HTTP Status 404 - /pb/error.seam

type Status report

message /pb/error.seam

description The requested resource (/pb/error.seam) is not available.

JBoss Web/7.0.13.Final

with the stack trace:

01:50:13,239 ERROR [org.jboss.seam.exception.Exceptions] (http-localhost-127.0.0.1-8080-1) handled and logged exception: javax.servlet.ServletException: viewId:/index.seam - View /index.seam could not be restored.

at javax.faces.webapp.FacesServlet.service(FacesServlet.java:270) [jsf-api-1.2_15-jbossorg-2.jar:1.2_15.jbossorg-1-20111019-SNAPSHOT]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329) [jbossweb-7.0.13.Final.jar:]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]

at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

at org.jboss.seam.web.IdentityFilter.doFilter(IdentityFilter.java:40) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:90) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:530) [richfaces-impl-3.3.3.Final.jar:3.3.3.Final]

at org.jboss.seam.web.Ajax4jsfFilter.doFilter(Ajax4jsfFilter.java:56) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

at org.jboss.seam.web.LoggingFilter.doFilter(LoggingFilter.java:60) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

at org.jboss.seam.web.HotDeployFilter.doFilter(HotDeployFilter.java:53) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]

at org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:206) [richfaces-impl-3.3.3.Final.jar:3.3.3.Final]

at org.ajax4jsf.webapp.BaseFilter.handleRequest(BaseFilter.java:290) [richfaces-impl-3.3.3.Final.jar:3.3.3.Final]

at org.ajax4jsf.webapp.BaseFilter.processUploadsAndHandleRequest(BaseFilter.java:388) [richfaces-impl-3.3.3.Final.jar:3.3.3.Final]

at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:515) [richfaces-impl-3.3.3.Final.jar:3.3.3.Final]

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:]

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]

at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [jbossweb-7.0.13.Final.jar:]

at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161) [jbossweb-7.0.13.Final.jar:]

at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:397) [jbossweb-7.0.13.Final.jar:]

at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.1.1.Final.jar:7.1.1.Final]

at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]

at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]

at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]

at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]

at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]

at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]

at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]

at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]

at java.lang.Thread.run(Thread.java:619) [rt.jar:1.6.0_21]

Caused by: javax.faces.application.ViewExpiredException: viewId:/index.seam - View /index.seam could not be restored.

at com.sun.faces.lifecycle.RestoreViewPhase.execute(RestoreViewPhase.java:189) [jsf-impl-1.2_15-jbossorg-2.jar:1.2_15.jbossorg-1-20111019-SNAPSHOT]

at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:100) [jsf-impl-1.2_15-jbossorg-2.jar:1.2_15.jbossorg-1-20111019-SNAPSHOT]

at com.sun.faces.lifecycle.RestoreViewPhase.doPhase(RestoreViewPhase.java:102) [jsf-impl-1.2_15-jbossorg-2.jar:1.2_15.jbossorg-1-20111019-SNAPSHOT]

at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118) [jsf-impl-1.2_15-jbossorg-2.jar:1.2_15.jbossorg-1-20111019-SNAPSHOT]

at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265) [jsf-api-1.2_15-jbossorg-2.jar:1.2_15.jbossorg-1-20111019-SNAPSHOT]

... 40 more

...

I thought that it's handled in this pages.xhtml?

<?xml version="1.0" encoding="UTF-8"?>

<pages xmlns="http://jboss.com/products/seam/pages"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xsi:schemaLocation="http://jboss.com/products/seam/pages http://jboss.com/products/seam/pages-2.2.xsd"

no-conversation-view-id="/index.xhtml"

login-view-id="/index.xhtml">

<page view-id="/*">

<navigation from-action="#{blogEntryService.newInstance}">

<redirect view-id="/blogEntryEdit.xhtml"></redirect>

</navigation>

<navigation from-action="#{identity.logout}">

<redirect view-id="/index.xhtml" />

</navigation>

</page>

<exception

class="org.jboss.seam.framework.EntityNotFoundException">

<redirect view-id="/error.xhtml">

<message>Not found</message>

</redirect>

</exception>

<exception class="org.hibernate.validator.InvalidStateException">

<end-conversation />

<redirect view-id="/error.xhtml" />

</exception>

<exception class="javax.persistence.EntityNotFoundException">

<redirect view-id="/error.xhtml">

<message>Not found</message>

</redirect>

</exception>

<exception class="javax.persistence.OptimisticLockException">

<end-conversation />

<redirect view-id="/error.xhtml">

<message>

Another user changed the same data, please try again

</message>

</redirect>

</exception>

<exception class="org.jboss.seam.security.AuthorizationException">

<redirect view-id="/error.xhtml">

<message>You don't have permission to do this</message>

</redirect>

</exception>

<exception class="org.jboss.seam.security.NotLoggedInException">

<redirect view-id="/login.xhtml">

<message>#{messages['org.jboss.seam.NotLoggedIn']}</message>

</redirect>

</exception>

<exception class="javax.faces.application.ViewExpiredException">

<redirect view-id="/error.xhtml">

<message>

Your session has timed out, please try again

</message>

</redirect>

</exception>

<exception>

<redirect view-id="/error.xhtml">

<message>Unexpected error, please try again</message>

</redirect>

</exception>

</pages>

not sure where it went wrong..

any hints appreciated.

thanks,

johan

1. Re: [seam-2.2.2] security handling sfsb timeout

johanatobm Nov 28, 2012 1:33 PM (in response to johanatobm)

From what i get is that the page /error.xhtml
is not accessible. accesing the url: http://localhost:8080/pb/error.xhtml
gets me to:
HTTP Status 403 - Access to the requested resource has been denied
type Status report
message Access to the requested resource has been denied
description Access to the specified resource (Access to the requested resource has been denied) has been forbidden.
JBoss Web/7.0.13.Final

and accessing the url:http://localhost:8080/pb/error.seam
gets me to:
HTTP Status 404 - /pb/error.seam
type Status report
message /pb/error.seam
description The requested resource (/pb/error.seam) is not available.
JBoss Web/7.0.13.Final

so how do i allow the public/guest to access /error.xhtml without them being authenticated by seam security?
Actions