1 2 Previous Next 26 Replies Latest reply on Oct 28, 2005 12:44 PM by Marius Oancea

    booking demo on jBoss site

    Robert Dennett Newbie

      I was testing out the booking demo on this site and I noticed that the URLs displayed in the browser address field seemed to indicate the previous page rather than the current page. I also noticed that when I logged out, I was able to use the back button to see all the previous pages rather than get a log -in screen. I understand that this is an example app, but I am curious as to what would be required to fix that.

      Thanks,
      Rob

        • 1. Re: booking demo on jBoss site
          Gavin King Master

          This is just what happens with JSF.

          • 2. Re: booking demo on jBoss site
            Robert Dennett Newbie

            Just to clarify, if I log in and click "find hotel" with nothing entered in the search field, I get a list of all hotels. At this point the URL of the page is main.jsf. If I click on one of the "view hotel" links, I see the hotel details and the URL is still main.jsf. When I click on "next hotel" I see the hotel details for the next hotel in my search, but now the URL is hotel.jsf, which is what I would have expected for the previous page.

            Are you saying that this is an issue with JSF vs. Seam?

            Thanks,
            Rob

            • 3. Re: booking demo on jBoss site
              Emmanuel Okyere Newbie

              gavin, given what you know about the framework, i think

              This is just what happens with JSF.
              is grossly inadequate for an answer; what does it actually mean, and which of the questions raised does it address? these are the questions:

              1// why does the address field not update to indicate the current page?
              2// why was rdennett able to log out and "back button" into the application without a login page prompt?

              thanks,
              eokyere

              • 4. Re: booking demo on jBoss site
                Jacob Hookom Newbie

                JSF works through a series of postbacks... so the page that is rendered, all events (http posts) get routed back to the same URI for processing. Not until you redirect out, does the URI change. Theoretically, you could have a whole rich UI just work off of one URI in the location bar.

                Since JSF does work off of posts, I'm sure rdennett recieved a pop asking if he would like to repost the data. Since there is a separation between view and action, the view is rendered, but if any actions were committed, Seam would make the LoggedIn assertion. So basically, you can view, but you can't invoke actions.

                I hope this clarifies things a bit.

                • 5. Re: booking demo on jBoss site
                  Norman Richards Master

                  You can make the address bar show the "correct" page by using using on the view in faces-config.xml. However, this does not play nicely with conversations.

                  • 6. Re: booking demo on jBoss site
                    Robert Dennett Newbie

                    What is the proper approach then?

                    Thanks,
                    Rob

                    • 7. Re: booking demo on jBoss site
                      Jacob Hookom Newbie

                      I don't really see the problem here. The same problem happens if you use Amazon or Bookpool and they tell you not to re-purchase your basket by backing out and clicking submit again. There's a difference between viewing the information and modifying it. You were able to view it, but Seam allows you to decorate actions with assertions-- such as @LoggedIn.

                      You can always use a filter too, so say, at login-- here's one page, but other pages are postbacks to a different URI and my filter on that URI guarantees that I have a User in the session.

                      Hopefully this applies to your case?

                      • 8. Re: booking demo on jBoss site
                        Gavin King Master

                        My first response was utterly appropriate for the Seam forum. All JSF apps behave like this. If you have a problem with this behavior, take it up with the JSF EG, not us.

                        • 9. Re: booking demo on jBoss site
                          Robert Dennett Newbie

                          The problem with being able to back up after logging out might be a problem if you, for example, entered credit card data at a public terminal. Forgive my ignorance, but I would expect that once the session was invalidated, when a user attempted to go to a password-protected page, the user would be redirected to the log in page.

                          With respect to the URL being wonky, I am still not clear if _that_ is the JSF issue or if being able to back up from the log-out page is the JSF issue. Also, are you guys saying that the best approach here is to have the whole site work off the same URL?

                          Thanks,
                          Rob

                          • 10. Re: booking demo on jBoss site
                            Jacob Hookom Newbie

                            If you are dealing with app security, then I would recommend putting a ServletFilter over your application that makes exceptions for some pages, such as login.

                            • 11. Re: booking demo on jBoss site
                              jameswoodward Newbie

                              It is just a demo application!

                              In a real world application, you would use the web app security constraints that are built into the web server.

                              • 12. Re: booking demo on jBoss site
                                James Cook Newbie

                                 


                                I don't really see the problem here. The same problem happens if you use Amazon or Bookpool and they tell you not to re-purchase your basket by backing out and clicking submit again.

                                Jacob,

                                Resubmitting a form aside, bookmarking is very broken in this model. This must have been discussed to death on the JSF forums, but I can't find any good reference articles.

                                In the booking demo, if I go to settings and press cancel, my URL will be http://seam.demo.jboss.com/password.jsf. The page displayed to me is the booking demo home page. If I bookmark this page, I don't get anything like I would intuitively expect when I return to the bookmarked page.

                                I understand that you and Gavin are stating that this is just the way JSF works, but inutitively it is broken. If the Seam demo is truly a demo and hasn't coded for this type of mismatch, what would the "best practice" be to alleviate this problem. For example, would a redirect after post solve this problem in a consistent manner with less unintuitive side-effects?

                                • 13. Re: booking demo on jBoss site
                                  Alex Temnokhod Newbie

                                  Use in faces-config.xml, and you will get valid URLs in browser.

                                  My question. How to eliminate the Find button in Booking example? To show hotel list by GET request directly, with @DataModel variable initialization.

                                  • 14. Re: booking demo on jBoss site
                                    Alex Temnokhod Newbie

                                    Use < redirect/ > in faces-config.xml

                                    1 2 Previous Next