tags:

views:

1758

answers:

5
+4  Q: 

Handling an expired ViewState in JSF and Richfaces

I have a series signup pages that build on each other. When the users session expires I have a Listener that cleans everything up on the server and that works great. But, if the user attempts to do anything else I just want to redirect them back to the first page of the series. However, my filter doesn't seem to work correctly. I keep getting javax.faces.application.ViewExpiredException

What is the best practice for handling this expcetion? I can't really just handle in web.xml because that's too global. Plus the Error page is being rendered from some JSF code - it seems like I need to catch that this is happening using a PhaseListener so the exception doesn't happen in the first place, but I haven't been able to find a good model for how to do this. Any ideas?

+1  A: 

I think you are the correct track with a phase listener. Essentially set something up in session on the first page. Then in phase listener look for the value in session. If it doesn't exit then do a redirect. The trick is to do it early in the phase listener process. Not sure exactly where in the process your phase listener is throwing the exception.

JeffJak  2009-08-04 20:47:20
A: 

You can check whether you session is invalidate or not

boolean sessionInValid = httpServletRequest.getRequestedSessionId() != null && !httpServletRequest.isRequestedSessionIdValid();

Here the boolean variable sessionInValid will return true if the session is invalidate by any means.

You can add this in a filter or a listener then configure this in your web.xml file.

Umesh Aawte  2009-08-06 07:01:44
+1  A: 

The way I handle this is to add a filter to the web.xml only mapped to the urls you want to track. That filter checks if the session is expired, and then forwards to a login page if it is. It should work if the filter is run before any JSF code is run.

Colin Gislason  2009-08-18 16:21:18
A: 

Richfaces has their own mechanism for handling ViewExpiredException, look at Richfaces docs.

MarrLiss  2009-08-18 17:25:25
but seems like that works only for ajax requests
daedlus  2010-02-18 10:32:53
That refers to *session* expiry, not view expiry.
EJP  2010-08-16 08:32:54
+1  A: 

The way I have handled this in the past is to use a listener which checks a field in a managed session bean. If the users session times out a listener cleans up the mbean and marks the user as not logged in. Every request is sent through the listener and if the requirements are not met then the user is forced out of the site. I never get ViewExpiredException in my log. The only time this exception has occurred is if the server has been restarted and the user requests a page when having a previous active session.

Thomas Kessler  2009-08-31 03:03:30

related questions

Java Time Zone is messed up
Eclipse on win64
Automate builds for Java RCP for deployment with JNLP
Why are professors or schools picking Java over C++ to teach to students?
Is there a real benefit of using J#?
Public/Popular Websites using JavaServer Faces
Why can't I use a try block around my super() call?
Accessing post variables using Java Servlets
Personal Linux web server
Is this really widening vs autoboxing?
How can I Java webstart multiple, dependent, native libraries?
Why can't I call toString() on a Java primitive?
How do I use Java to read from a file that is actively being written?
What code analysis tools do you use for your Java projects?
IllegalArgumentException or NullPointerException for a null parameter?
How do I configure and communicate with a serial port?
What is the best way to parse strings in Java
Getting started with a custom JXTA PeerGroup
Creating a custom button in Java
How to get started "writing" a code coverage tool?
Which Build-/Configuration Management Tool?
What is the difference between an int and an Integer in Java/C#?
What is the meaning of the type safety warning in certain Java generics casts?
How would you access Object properties from within an object method?
Converting CSV File to XML in Java