6 Replies Latest reply on Aug 17, 2010 9:10 AM by Tauseef Ahmed

    inject and outject session scoped object?

    su baochen Newbie

      Hi all,

      I have written an observer like this:

           private Member currentUser;
           public void userLoggedIn() {
                //info("user logged in successfully");
                this.currentUser = memberService.getMember();

      memberService is a SLSB  to find the user from identity.

      That is, when user logged in, currentUser will outjected to session scope,but when I inject currentUser just like this:

      private Member currentUser;
      public void test(){
          System.out.println("currentUser=" + currentUser);

      when I call test method, currentUser just return null! I promise that I have logged in.

      What happended with seam injection and outjection with session scope? Anyone an help me ? Thanks a lot in advance!

        • 1. Re: inject and outject session scoped object?
          Leo van den berg Master


          Being logged in doesn't mean everrything is running in the same session/thread. I normally outject the currentUser directly in the Auheticate method.


          • 2. Re: inject and outject session scoped object?
            su baochen Newbie

            Thanks Leo first!

            But I use jpaPermissionStore to authenticate user,so there is no authencate method needed, that is why I observe org.jboss.seam.security.loginSuccessful envent.

            So you mean I should observe another event other than org.jboss.seam.security.loginSuccessful? Which event should I observe to get the current logged in user?


            Su Baochen

            • 3. Re: inject and outject session scoped object?
              Leo van den berg Master


              You're using the newer features of Seam in relation to authentication (you've presumably defined the Users and Roles etc. with annotations). Don't have much experience there because I use the older authentication way. The only reason I am sticking to that concept, because I hate adding a Seam-dependency to the domain model.

              The only way to check this out is to look in your test-method (that's the reason I asked for some code) if it's called from within your own session.

              The other one is that the login event is called asybchrounously (just guessing, I am not sure here), which means it doesn't outject the real current user.  Just place a log or system out and you can see what is outjected there.


              • 4. Re: inject and outject session scoped object?
                su baochen Newbie

                Hi Leo,

                Thanks you first!

                I have write a SessionListener to track when currentUser is added to the session and when currentUser removed from the session. The sessionListener is as below:

                import java.util.HashMap;
                import java.util.Map;
                import javax.servlet.http.HttpSessionAttributeListener;
                import javax.servlet.http.HttpSessionBindingEvent;
                import javax.servlet.http.HttpSessionEvent;
                import javax.servlet.http.HttpSessionListener;
                import org.jboss.seam.contexts.Contexts;
                import org.jboss.seam.web.ServletContexts;
                public class SessionListener implements HttpSessionListener,HttpSessionAttributeListener {
                     private Map map;
                     public SessionListener() {
                          map = new HashMap();
                     public void attributeAdded(HttpSessionBindingEvent e) {
                          Object user = e.getSession().getAttribute("currentUser");
                          System.out.println("adding currentUser to session:" + user);
                     public void attributeRemoved(HttpSessionBindingEvent e) {
                          try {
                               System.out.println("before remove from session,source="+e.getSource());          
                               Object u = e.getSession().getAttribute("currentUser");
                                         .println("!!!!!!!!!!!!!!!!!remove currentUser from session:"
                                                   + u);
                          } catch (java.lang.IllegalStateException ex) {
                               System.out.println("session is invalid!!!!");
                     public void attributeReplaced(HttpSessionBindingEvent e) {
                          Object u = e.getSession().getAttribute("currentUser");
                          System.out.println("currentUser replaced from session:" + u);
                     public void sessionCreated(HttpSessionEvent se) {
                          // TODO Auto-generated method stub 
                          System.out.println("session created:"+se);
                     public void sessionDestroyed(HttpSessionEvent se) {
                          // TODO Auto-generated method stub
                          System.out.println("session destroyed:"+se);

                The strange thing is that, MOST of the time currentUser is there, but suddenly, when I visit some special pages, currentUser is destroyed.

                I have tried to looked up the source code of seam to find why and how currentUser is destroyed,but have not get any conclusion.

                Also, I have tried visit debug.seam to see what happended related to session context after click one page. From debug.seam I know that when currentUser is destroyed, all other things in session context are just there! only currentUser is destroyed!

                I also have tried different version of jboss(5.0.0,5.1.0), all failed in the same situation.

                I'd like to track when and why currentUser is destroyed, but I don't know how to debug seam itself:-(,so would you like to tell me how to debug seam itself? Then I can track to find who destroy currentUser,and why and when destroy currentUser.

                Thank you very much!

                Baochen Su  

                • 5. Re: inject and outject session scoped object?
                  Leo van den berg Master


                  I am not really an expert in the area of barebones http-programming, but what I can imagine is that there is some interference with Seam which heavily depends on his own Listener. I still don't see where and how you call the test-method and can you be more specific about the special pages you visit. Seam creates his own context layer, which provides more control over storage of variables. Do you loose currentUser in those specific pages only, or can you see it again when you go to another page?


                  • 6. Re: inject and outject session scoped object?
                    Tauseef Ahmed Newbie

                    Hi Su,

                    Is your Member class is annotated, if that is the case try using variable name(currentUser) as component name.