1 Reply Latest reply on Nov 28, 2012 1:33 PM by johanatobm

    [seam-2.2.2] security handling sfsb timeout

    johanatobm

      Hi,

       

      I'm using de.akquiner.jbosscc:jboss-seam-archetype:1.4 to generate the seam skeleton project.

      after successfully build and deployed it to jboss-as 7 i noticed that whenever i tried to login after sometime of inactivity it brings me to the following page:

      http://localhost:8080/pb/error.seam?cid=12

      but the browser says:

      HTTP Status 404 - /pb/error.seam


      type Status report

      message /pb/error.seam

      description The requested resource (/pb/error.seam) is not available.


      JBoss Web/7.0.13.Final

       

      with the stack trace:

      01:50:13,239 ERROR [org.jboss.seam.exception.Exceptions] (http-localhost-127.0.0.1-8080-1) handled and logged exception: javax.servlet.ServletException: viewId:/index.seam - View /index.seam could not be restored.

          at javax.faces.webapp.FacesServlet.service(FacesServlet.java:270) [jsf-api-1.2_15-jbossorg-2.jar:1.2_15.jbossorg-1-20111019-SNAPSHOT]

          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:329) [jbossweb-7.0.13.Final.jar:]

          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]

          at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

          at org.jboss.seam.web.IdentityFilter.doFilter(IdentityFilter.java:40) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

          at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

          at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:90) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

          at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

          at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

          at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

          at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

          at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

          at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:530) [richfaces-impl-3.3.3.Final.jar:3.3.3.Final]

          at org.jboss.seam.web.Ajax4jsfFilter.doFilter(Ajax4jsfFilter.java:56) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

          at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

          at org.jboss.seam.web.LoggingFilter.doFilter(LoggingFilter.java:60) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

          at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

          at org.jboss.seam.web.HotDeployFilter.doFilter(HotDeployFilter.java:53) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

          at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

          at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158) [jboss-seam-2.2.2.Final.jar:2.2.2.Final]

          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:]

          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]

          at org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:206) [richfaces-impl-3.3.3.Final.jar:3.3.3.Final]

          at org.ajax4jsf.webapp.BaseFilter.handleRequest(BaseFilter.java:290) [richfaces-impl-3.3.3.Final.jar:3.3.3.Final]

          at org.ajax4jsf.webapp.BaseFilter.processUploadsAndHandleRequest(BaseFilter.java:388) [richfaces-impl-3.3.3.Final.jar:3.3.3.Final]

          at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:515) [richfaces-impl-3.3.3.Final.jar:3.3.3.Final]

          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:]

          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]

          at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [jbossweb-7.0.13.Final.jar:]

          at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161) [jbossweb-7.0.13.Final.jar:]

          at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:397) [jbossweb-7.0.13.Final.jar:]

          at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.1.1.Final.jar:7.1.1.Final]

          at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]

          at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]

          at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]

          at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]

          at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]

          at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]

          at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]

          at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]

          at java.lang.Thread.run(Thread.java:619) [rt.jar:1.6.0_21]

      Caused by: javax.faces.application.ViewExpiredException: viewId:/index.seam - View /index.seam could not be restored.

          at com.sun.faces.lifecycle.RestoreViewPhase.execute(RestoreViewPhase.java:189) [jsf-impl-1.2_15-jbossorg-2.jar:1.2_15.jbossorg-1-20111019-SNAPSHOT]

          at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:100) [jsf-impl-1.2_15-jbossorg-2.jar:1.2_15.jbossorg-1-20111019-SNAPSHOT]

          at com.sun.faces.lifecycle.RestoreViewPhase.doPhase(RestoreViewPhase.java:102) [jsf-impl-1.2_15-jbossorg-2.jar:1.2_15.jbossorg-1-20111019-SNAPSHOT]

          at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118) [jsf-impl-1.2_15-jbossorg-2.jar:1.2_15.jbossorg-1-20111019-SNAPSHOT]

          at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265) [jsf-api-1.2_15-jbossorg-2.jar:1.2_15.jbossorg-1-20111019-SNAPSHOT]

          ... 40 more

       

      ...

      I thought that it's handled in this pages.xhtml?

      <?xml version="1.0" encoding="UTF-8"?>

      <pages xmlns="http://jboss.com/products/seam/pages"

              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

              xsi:schemaLocation="http://jboss.com/products/seam/pages http://jboss.com/products/seam/pages-2.2.xsd"

              no-conversation-view-id="/index.xhtml"

              login-view-id="/index.xhtml">

         

          <page view-id="/*">

              <navigation from-action="#{blogEntryService.newInstance}">

                  <redirect view-id="/blogEntryEdit.xhtml"></redirect>

              </navigation>

             

              <navigation from-action="#{identity.logout}">

                  <redirect view-id="/index.xhtml" />

              </navigation>

          </page>

         

       

          <exception

              class="org.jboss.seam.framework.EntityNotFoundException">

              <redirect view-id="/error.xhtml">

                  <message>Not found</message>

              </redirect>

          </exception>

       

          <exception class="org.hibernate.validator.InvalidStateException">

              <end-conversation />

              <redirect view-id="/error.xhtml" />

          </exception>

       

          <exception class="javax.persistence.EntityNotFoundException">

              <redirect view-id="/error.xhtml">

                  <message>Not found</message>

              </redirect>

          </exception>

       

          <exception class="javax.persistence.OptimisticLockException">

              <end-conversation />

              <redirect view-id="/error.xhtml">

                  <message>

                      Another user changed the same data, please try again

                  </message>

              </redirect>

          </exception>

       

          <exception class="org.jboss.seam.security.AuthorizationException">

              <redirect view-id="/error.xhtml">

                  <message>You don't have permission to do this</message>

              </redirect>

          </exception>

       

          <exception class="org.jboss.seam.security.NotLoggedInException">

              <redirect view-id="/login.xhtml">

                  <message>#{messages['org.jboss.seam.NotLoggedIn']}</message>

              </redirect>

          </exception>

       

          <exception class="javax.faces.application.ViewExpiredException">

              <redirect view-id="/error.xhtml">

                  <message>

                      Your session has timed out, please try again

                  </message>

              </redirect>

          </exception>

       

          <exception>

              <redirect view-id="/error.xhtml">

                  <message>Unexpected error, please try again</message>

              </redirect>

          </exception>

      </pages>

       

      not sure where it went wrong..

      any hints appreciated.

       

      thanks,

      johan

        • 1. Re: [seam-2.2.2] security handling sfsb timeout
          johanatobm

          From what i get is that the page /error.xhtml

          is not accessible. accesing the url: http://localhost:8080/pb/error.xhtml

          gets me to:

          HTTP Status 403 - Access to the requested resource has been denied


          type Status report

          message Access to the requested resource has been denied

          description Access to the specified resource (Access to the requested resource has been denied) has been forbidden.


          JBoss Web/7.0.13.Final

           

          and accessing the url:http://localhost:8080/pb/error.seam

          gets me to:

          HTTP Status 404 - /pb/error.seam


          type Status report

          message /pb/error.seam

          description The requested resource (/pb/error.seam) is not available.


          JBoss Web/7.0.13.Final

           

           

          so how do i allow the public/guest to access /error.xhtml without them being authenticated by seam security?