3 Replies Latest reply on Jan 7, 2009 8:00 AM by bcole

How to implement graceful session timeout upon form submission

ocramedl Oct 18, 2008 11:35 AM

Hi all.
I would like to implement the following behaviour:

the user session has expired

the user presses the submit button of a form full of data

the user is (correctly) redirected to the login page

the user logs in

Seam redirects the user to the page containing the form he/she was editing with all the values he/she set still there

Is this possible? And if so, can anyone give me some hint about how to do it?

Currently, when submitting a form after the user's session has expired I get the following exception:

08:13:33,545 ERROR [lifecycle] JSF1054: (Phase ID: RESTORE_VIEW 1, View ID: ) Exception thrown during phase execution: javax.faces.event.PhaseEvent[source=com.sun.faces.lifecycle.LifecycleImpl@181a7dc]
08:13:33,550 ERROR [ExceptionFilter] handling uncaught exception
javax.servlet.ServletException: viewId:/UserEdit.seam - View /UserEdit.seam could not be restored.
     at javax.faces.webapp.FacesServlet.service(FacesServlet.java:270)
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
     at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83)
     at org.jboss.seam.debug.hot.HotDeployFilter.doFilter(HotDeployFilter.java:68)
     at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
     at org.jboss.seam.web.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:42)
     at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
     at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:85)
     at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
     at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64)
     at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
     at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45)
     at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
     at org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:141)
     at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:281)
     at org.jboss.seam.web.Ajax4jsfFilter.doFilter(Ajax4jsfFilter.java:60)
     at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
     at org.jboss.seam.web.LoggingFilter.doFilter(LoggingFilter.java:58)
     at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
     at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158)
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
     at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
     at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:182)
     at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)
     at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
     at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
     at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
     at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
     at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
     at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
     at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
     at java.lang.Thread.run(Thread.java:595)
Caused by: javax.faces.application.ViewExpiredException: viewId:/UserEdit.seam - View /UserEdit.seam could not be restored.
     at com.sun.faces.lifecycle.RestoreViewPhase.execute(RestoreViewPhase.java:186)
     at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:100)
     at com.sun.faces.lifecycle.RestoreViewPhase.doPhase(RestoreViewPhase.java:104)
     at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
     at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
     ... 39 more
08:13:33,550 ERROR [ExceptionFilter] exception root cause
javax.faces.application.ViewExpiredException: viewId:/UserEdit.seam - View /UserEdit.seam could not be restored.
     at com.sun.faces.lifecycle.RestoreViewPhase.execute(RestoreViewPhase.java:186)
     at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:100)
     at com.sun.faces.lifecycle.RestoreViewPhase.doPhase(RestoreViewPhase.java:104)
     at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
     at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
     at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83)
     at org.jboss.seam.debug.hot.HotDeployFilter.doFilter(HotDeployFilter.java:68)
     at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
     at org.jboss.seam.web.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:42)
     at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
     at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:85)
     at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
     at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64)
     at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
     at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45)
     at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
     at org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:141)
     at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:281)
     at org.jboss.seam.web.Ajax4jsfFilter.doFilter(Ajax4jsfFilter.java:60)
     at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
     at org.jboss.seam.web.LoggingFilter.doFilter(LoggingFilter.java:58)
     at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
     at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158)
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
     at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
     at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:182)
     at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)
     at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
     at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
     at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
     at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
     at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
     at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
     at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
     at java.lang.Thread.run(Thread.java:595)

After that Seam correctly redirects me to the login page as I specified in pages.xml with the following rule:

    <exception class="javax.faces.application.ViewExpiredException">
        <redirect view-id="/login.xhtml">                    
            <message>#{messages.SYSTEM_sessionTimeout}</message>
        </redirect>
    </exception>

But why the above error? Am I missing something or doing something wrong?
I can't understand this different behaviour with forms, since, when the session expires and I make an action which does not require a form submission (e.g. navigate from page A to page B of my webapp), seam correclty redirects me to the login page, but, after a successful login, it performs the requested action (e.g. it brings me to page B). And this behaviour is expected since the following event listeners are set in components.xml (as specified in Seam's documentation):

<event type="org.jboss.seam.security.notLoggedIn">
  <action execute="#{redirect.captureCurrentView}"/>
</event>
<event type="org.jboss.seam.security.postAuthenticate">
  <action execute="#{redirect.returnToCapturedView}"/>
</event>

I have read the thread of Christian Bauer about Implementing graceful session timeout with Seam, JSF, and jQuery, but that solution does not fully meet my goals, since I would like to allow the user to submit the data he/she already entered in a form without having to copy-paste it manually again.

Any help would be much appreciated.

Thanks. All the best!

1. Re: How to implement graceful session timeout upon form submission

wachtda.scsi.gmx.ch Nov 26, 2008 1:20 PM (in response to ocramedl)

I have exactly the same issues!

Did you found any solution for this problem?
Actions
2. Re: How to implement graceful session timeout upon form submission

sjmenden Nov 26, 2008 4:46 PM (in response to ocramedl)

I created http://www.seamframework.org/Documentation/RedirectingBackToCurrentPageWhenSessionTimesOut recently but I haven't had too much time to fine tune it. It works first time through, not subsequent times, feel free to contribute, I haven't had the time to get back to it.
Actions
3. Re: How to implement graceful session timeout upon form submission

bcole Jan 7, 2009 8:00 AM (in response to ocramedl)
Sam's example does everything except the bit in italics:

the user session has expired

the user presses the submit button of a form full of data

the user is (correctly) redirected to the login page

the user logs in

Seam redirects the user to the page containing the form he/she was editing with all the values he/she set still there

It is easy to have the values populated from the last save of the form, but not any changes made since the last save.
Actions

Go to original post