views:

25

answers:

1

I have the Seam session-scoped component, CustomIdentity which overrides the standard Seam Identity (also session-scoped). The extended CustomIdentity has a property

@Out(required=false, scope=ScopeType.SESSION)private User user

In the overriden login() I define a User object, populated with information from the Principal of the HttpServletRequest. In the first request in the application the User object is outjected as expected in SESSION scope. In the second request, though, the User object has vanished from the Session, and when I visit a page that Injects it, I get an exception.

My question is when exactly the component is outjected:

  • After each and every one method of the CustomIdentity component (even if it does not contain a reference of user)?
  • After each method that contains a reference of the User component?

And about the required attribute:

  • If upon outjection the User object evaluates to null, is the already outjected User going to be removed from Session scope?

Cheers!

+3  A: 

To your first question: the component is oujected after each and every method of CustomIdentity. Take a look at the corresponding Seam source code org.jboss.seam.core.BijectionInterceptor (Seam 2.2.0). Bijection takes place at component, i.e., class, level.

To your second question: every time a request to CustomIdentity finishes, the value of your field is outjected. If you use the outjection property require=false, the user that is currently outjected in your session context may be overridden by null.

kraftan
Thanks man! So, if I have a method which will be invoked at some point and which will set the user into session *and leave it there*, no matter how many invocations of CustomIdentity methods take place, I should have @In(required=false) and @Out(required=false)?
Markos Fragkakis
Sorry, I meant @Out(required=true).
Markos Fragkakis
No that wouldn't work because outjection takes place whether you have injected or not. If you have exactly one method that should outject the user and any other method should *not* outject the user, then you have two possibilities: either you have that particular method in a separated component or you outject it by hand: `Contexts.getSessionContext().set("user", user);`
kraftan
Sorry, our comments were crossing ;) Yes `@Out(required=true)` should work, too.
kraftan
I don't know. Could it be that you encounter a session timeout or your request may have another session id? Have you checked whether the request that doesn't have the user in SESSION gets the same session context as the request before?
kraftan
There could be another possibility. Seam's `BijectionInterceptor` holds a lock while injecting or outjecting a component. Assume you have two requests into `CustomIdentity` that follow each other almost without a timely cap and the first request is `login`. If the second request is processing the injection and the first did not outject yet or is being on hold for outjection, the second request gets `null` injected.
kraftan