1 2 Previous Next 21 Replies Latest reply on Feb 4, 2013 11:23 AM by ibrewster



      in my seam application i am login perfectly first time,when i am logout then click login then i got following exception..

      javax.faces.application.ViewExpiredException: viewId:/login.seam - View /login.seam could not be restored.
              at com.sun.faces.lifecycle.RestoreViewPhase.execute(RestoreViewPhase.java:186)
              at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:100)
              at com.sun.faces.lifecycle.RestoreViewPhase.doPhase(RestoreViewPhase.java:104)
              at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
              at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
              at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83)
              at org.jboss.seam.debug.hot.HotDeployFilter.doFilter(HotDeployFilter.java:68)
              at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
              at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:85)
              at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
              at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64)
              at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
              at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45)
              at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
              at org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:177)
              at org.ajax4jsf.webapp.BaseFilter.handleRequest(BaseFilter.java:267)
              at org.ajax4jsf.webapp.BaseFilter.processUploadsAndHandleRequest(BaseFilter.java:380)
              at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:507)
              at org.jboss.seam.web.Ajax4jsfFilter.doFilter(Ajax4jsfFilter.java:60)
              at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
              at org.jboss.seam.web.LoggingFilter.doFilter(LoggingFilter.java:58)
              at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
              at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158)
              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
              at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
              at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
              at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
              at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:182)
              at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)
              at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
              at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
              at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
              at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
              at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
              at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
              at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
              at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
              at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
              at java.lang.Thread.run(Thread.java:595)

      here my logout link is

      <s:link view="/login.xhtml" action="#{service.LogoutMethod}" value="Logout" rendered="#{identity.loggedIn}"/>

      how to overcome this please help me....

        • 1. Re: javax.faces.application.ViewExpiredException:
          I get the same javax.faces.application.ViewExpiredException on my logout page which uses some <a4j:poll />, so I guess we both hit the same problem here.

          As far as I understand this, there is a call to Session.instance().invalidate() in the Identity.logout() method this causes your form backing bean and my page data to get lost since they were stored in the session so the view can't be restored.
          (somebody correct me if I am wrong here)

          One ugly hack is to override logout() in org.jboss.seam.security.identity with:

              public void logout() {
                  if (isLoggedIn()) {
                     // Session.instance().invalidate();
                     if (Events.exists()) Events.instance().raiseEvent(EVENT_LOGGED_OUT);

          a better idea would be to reload your login or my logout page and start a new session, maybe anyone has an idea how this can be done in a smart way without ending in an infinite loop...
          • 2. Re: javax.faces.application.ViewExpiredException:

            Can you do a redirect after your action?

            • 3. Re: javax.faces.application.ViewExpiredException:
              Thanks Norman,

              I use the following redirect in my pages.xml:

                  <page view-id="/doLogout.xhtml">     
                    <description>invalidate session</description>
                    <action execute="#{identity.logout}"
                            if="#{identity.loggedIn}" />
                      <redirect view-id="/logout.xhtml" />

                  <page view-id="/logout.xhtml">     
                    <description>logout page</description>

              and the logout link in my jsf is:
              <a href="#{request.contextPath}/doLogout.html">
              • 4. Re: javax.faces.application.ViewExpiredException:

                I am having the same problems too, any solutions?

                • 5. Re: javax.faces.application.ViewExpiredException:
                  I solved this problem putting this code in web.xml:


                  After this no more ViewException.
                  • 6. Re: javax.faces.application.ViewExpiredException:

                    Has anyone found any better solution than switching to client saving state mode (one may not want to save on client side)?

                    It seems to be a serious problem that Seam don't let out-of-the-box to do such common thing like logging out and then loggin in on other account.

                    • 7. Re: javax.faces.application.ViewExpiredException:
                      First, my understanding of the exception with server state saving method, is that when you postback to the server and the component tree page stack does not have the rendered page/viewId from the previous http get, you'll get viewexpiredexception.

                      We are using seam 2.2, facelets and richfaces 3.x.  If the browser has cached your login.seam page you are heading for trouble as you'll neither get an http session, nor a component tree for the login.seam get request because there won't be one.  One way to test, is clear cache after logout and before login and see if your issue is resolved.  2 places you can fix this are in the facelets template or pages.xml.

                              <meta http-equiv="Pragma" content="no-cache"/>
                              <meta http-equiv="Expires" content="-1"/>

                                 <header name="Cache-Control">no-cache, no-store, max-age=0, must-revalidate</header>

                      If you are using Richfaces and Facelets, make sure they are wired together correctly.  Seam-gen at the time I created our project was misleading by putting FaceletViewHandler in faces-config.xml.  With richfaces, you should have no view-handler tag in faces-config, but instead have a context-param in you web.xml like this:


                      With those two things done, the only time we are seeing ViewExpiredExceptions are when sessions have timed out and postback is made to a missing session and missing component tree.

                      I hope this helps.
                      • 8. Re: javax.faces.application.ViewExpiredException:
                        Scott - thanks for great post that clarifies problem.
                        Once again Seam waste my few hours doing simple thing:)))

                        I have added <meta> to <head> of my login.seam (which is out of any template)
                        btw: I don't know how to do it globally as You shown by <header> in pages.xml - simply no such tag in xsd
                        I have also changed FaceletViewHandler to context-param (thanks again seam-gen for great project generated)

                        And I still have problem with "javax.faces.application.ViewExpiredException: viewId:/login.seam - View /login.seam could not be restored."
                        when logging after logout.

                        Does anyone have this solution working?
                        • 9. Re: javax.faces.application.ViewExpiredException:

                          Scott, great explanation.

                          One thing we do here using seam capabilities is to redirect the user to a login page when a ViewExpiredException exception occurs (if the server doesn't have the page's component tree anymore -> session is gone).

                                ViewExpiredException occurs if the user posts back to a page once their session has expired
                              <exception class="javax.faces.application.ViewExpiredException">
                                  <redirect view-id="/login.jsf">
                                      <message for="loginForm" severity="ERROR">

                          The code above should be on you pages.xml.

                          • 10. Re: javax.faces.application.ViewExpiredException:
                            I found that this "great enterprise fix" helps to avoid error page:


                            If You logout, than click Login button than login page reload. Next Login Button click works fine.
                            Good thing is that statistic user rarely logouts (if so than rarely relogins;)
                            • 11. Re: javax.faces.application.ViewExpiredException:

                              I've got this problem as well and none of these solutions fix it for me.

                              I have a login form that displays on a dashboard that is included in the template.

                              Same thing... login once, works fine. Logout and login again, ViewExpiredException.

                              Anybody else have a workaround for this?

                              • 12. Re: javax.faces.application.ViewExpiredException:

                                I have the same problem...

                                Users are getting login with sucessfull, but when they're clicking in any menu link, happens ViewExpiredException. This issue only happens in IE browser.

                                I tried all the solutions above, but i haven't sucessfull. Anyone know something about?


                                • 13. Re: javax.faces.application.ViewExpiredException:

                                  Thanks, Slawek. Yout solution works for me! I don't know what's this context parameter about but it just do what you say. Maybe there is some way to reload login page automatically after logging out (without a need to click once to reload) so that new user logs in just after first attempt?

                                  • 14. Re: javax.faces.application.ViewExpiredException:

                                    Hi guys, if this problem is actual for someone, i can tell how resolve  problem after logout-login view expired.

                                    All you need in pages.xhtml:

                                    <page view-id="/logoutTemp.xhtml">
                                            <redirect view-id="/home.xhtml" />

                                    and in your logout button:


                                    PS: first,you dont need to make file logoutTemp.xhtml and the second, you can redirect in any
                                    page you wants.

                                    1 2 Previous Next