Losing sessions on GlassFish

Posted by synti on Stack Overflow
Published on 2012-12-11T23:01:43Z

I have a web application that logs users in a @SessionScoped managed bean. It's all the basic stuff, pretty much like this: the user logs in using a regular HTTP form and gets redirected to the user area (which is protected using a filter). But if any resource in that area is accessed, the request somehow uses a new session, which has no managed bean and no user, and the filter does its job, redirecting the user to the login page.

Here's the login form:

<h:form>
    <h:outputLabel for="email" value="Email "/>
    <p:inputText id="email" size="30" value="#{loginManager.email}"/>
    <h:outputLabel for="password" value="Password "/>
    <p:password id="password" size="12" value="#{loginManager.password}"/>
    <p:commandButton value="Login" action="#{loginManager.login()}"/>
</h:form>

The loginManager managed bean:

import java.io.Serializable;
import javax.ejb.EJB;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.SessionScoped;
import javax.faces.context.FacesContext;

@ManagedBean
@SessionScoped
public class LoginManager implements Serializable {
    @EJB private UserService userService;
    private User user;
    private String email;
    private String password;

    public String login() {
        user = userService.findBy(email, password);
        if (user == null) {
            // FacesMessage stuff
            return null; // no navigation: redisplay the login view
        }
        return "/user/welcome.xhtml?faces-redirect=true";
    }

    public String logout() {
        // Drops the session and this session-scoped bean along with it
        FacesContext.getCurrentInstance().getExternalContext().invalidateSession();
        return "/index.xhtml?faces-redirect=true";
    }

    // Getters, setters (no setter for user) and serialVersionUID 
}

And then comes the filter that protects the user area:

import java.io.IOException;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.*;

@WebFilter(urlPatterns="/user/*", displayName="UserFilter")
public class UserFilter implements Filter {

    @Override public void init(FilterConfig config) { }
    @Override public void destroy() { }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, 
            FilterChain chain) throws IOException, ServletException {
        HttpServletResponse resp = (HttpServletResponse) response;
        // getSession(false) returns null when the request carries no valid session
        HttpSession session = ((HttpServletRequest)request).getSession(false);
        LoginManager loginManager = (session == null) ? null
                : (LoginManager) session.getAttribute("loginManager");
        if (loginManager == null || !loginManager.hasUser()) {
            resp.sendRedirect("index.xhtml");
            return; // stop here: nothing below may run without a logged-in user
        }
        final User user = loginManager.getUser();
        if (user.isValid()) {
            chain.doFilter(request, response);
        } else {
            resp.sendRedirect("index.xhtml");
        }
    }
}

The UserService is just a stateless EJB that handles persistence. Part of the JSF for the user area:

<h:form>
    <p:panelMenu>
        <p:submenu label="Items">
            <p:menuitem value="Add item" action="#{userItens.addItems}" ajax="false"/>
            <p:menuitem value="My items" />
        </p:submenu>
    </p:panelMenu>
</h:form>

And finally the userItens managed bean.

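import javax.annotation.PostConstruct;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.RequestScoped;
import javax.faces.context.FacesContext;
import javax.servlet.http.HttpSession;

@ManagedBean
@RequestScoped
public class UserItens {   
    private User user;

    @PostConstruct
    private void init() {
        HttpSession session = (HttpSession) FacesContext.getCurrentInstance()
                .getExternalContext().getSession(false);
        if (session == null)
            return; // no session on this request, so no logged-in user
        LoginManager loginManager = 
                (LoginManager) session.getAttribute("loginManager");
        if (loginManager != null)
            user = loginManager.getUser();
    }

    public String addItems() {
        // Doesn't get here. Seems like UserFilter comes first, doesn't find 
        // an user and redirects.
        return null;
    }
}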

I'm using GlassFish and the session timeout is now set to 0.
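
To check whether requests to the user area really arrive with a different session, a tracing filter can log which session ID each request presents and which session the container resolves. This is an added example, not code from the original post: the class name SessionTraceFilter and the log format are assumptions, and it reads the same "loginManager" session attribute that the post's filter uses.

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.logging.Logger;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

// Added diagnostic filter (hypothetical name, not from the original post).
@WebFilter(urlPatterns = "/*", displayName = "SessionTraceFilter")
public class SessionTraceFilter implements Filter {
    private static final Logger LOG = Logger.getLogger(SessionTraceFilter.class.getName());

    @Override public void init(FilterConfig config) { }
    @Override public void destroy() { }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response,
            FilterChain chain) throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpSession session = req.getSession(false); // observe only, never create a session
        LOG.info(String.format(
                "%s %s requested=%s valid=%b fromCookie=%b fromUrl=%b resolved=%s hasLoginManager=%b",
                req.getMethod(), req.getRequestURI(),
                fingerprint(req.getRequestedSessionId()),
                req.isRequestedSessionIdValid(),
                req.isRequestedSessionIdFromCookie(),
                req.isRequestedSessionIdFromURL(),
                session == null ? "none" : fingerprint(session.getId()),
                session != null && session.getAttribute("loginManager") != null));
        chain.doFilter(request, response);
    }

    // Session IDs are bearer credentials: log a short SHA-256 prefix, not the raw value.
    private static String fingerprint(String sessionId) {
        if (sessionId == null) return "none";
        try {
            byte[] d = MessageDigest.getInstance("SHA-256")
                    .digest(sessionId.getBytes(StandardCharsets.UTF_8));
            return String.format("%02x%02x%02x%02x", d[0], d[1], d[2], d[3]);
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(e); // SHA-256 is required on every JRE
        }
    }
}
```

The order of annotation-declared filters is not guaranteed, so declare both filter mappings in web.xml with this one first. A line with requested=none or valid=false marks a request that arrived without a usable session ID.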
