tags:

views:

42

answers:

1

I am using Tomcat 6.0, JSF2.0.2

I realized that randomly HttpServletRequest getSession method, returns null.

I could the session randomly be null?

How can I debug who sets the session to null?

I checked it with request.getSession(true) and it returns null. How could it be that it cannot create a session?

+1  A: 

First, this problem is not related to JSF since it's "just" a component based MVC framework. This problem is more related to the servletcontainer in question, which is in this case thus Tomcat.

As to the problem: I've seen this before in specific portal(-like) applications. Tomcat has some builtin phishing prevention which would return a null session when the given cookie ID and path doesn't match with any cookie in Tomcat's session manager. More than often this problem can be solved by setting emptySessionPath attribute of the HTTP Connector <Connector> in conf/server.xml to true.

BalusC
I tried it - but it doesn't help.I still get from time to time this error message:(
Odelya
Debug the request headers to check if the valid cookie is there. If not, then it's a client or proxy issue
BalusC
What we had to do was to set the user_id that both on externalcontext session and tomcat request session like this:ExternalContext ectx = FacesContext.getCurrentInstance().getExternalContext(); HttpServletRequest req = (HttpServletRequest) ectx.getRequest(); HttpSession session = (HttpSession) ectx.getSession( false ); ectx.getSessionMap().put( Constants.CURRENT_USER_ID_ATTR, user.getId() ); session.setAttribute( Constants.CURRENT_USER_ID_ATTR, user.getId() ); req.getSession( false ).setAttribute( Constants.CURRENT_USER_ID_ATTR, user.getId() );interesting, ha?
Odelya