I am dumbfounded why session is lost or different every time when calling backbean. I googled and tried different solutions but it's not working. One thing that works is if I create a JSP page then the session and attributes work. Basically, from JSF webapp1 calling JSP webapp2/servlet. Then webapp2/servlet forward back to webapp1. I want to get attributes saved in webapp2 but it always NULL. Here is how I am doing it:
add to context.xml
getServletContext().getContext("/webapp1").getRequestDispatcher("/Login.xhtml").forward(request, response); //if change to Login.jsp then it works
First, and most fatally, you're writing your own login system. Don't. JEE defines a standard security framework that's well-documented, designed by full-time security people, well-debugged and requires minimal extra coding. User-defined security systems, on the other hand are none of these, and in about 95% of the cases I've seen over the last decade or so, the user-defined security systems can be cracked by non-technical people in 15 minutes or less. And that includes the ones that the company's "expert" designed for them. Security is a case where one weak link breaks the chain and unless you like having sensitive data for auction in Serbia, leave it to people who don't have to do it "in 'addition' to the important stuff".
Secondly, JSF is an Inversion of Control framework. In IoC, you don't go after stuff, you sit back and have it delivered to you' It's the Amazon Prime of JEE webapp programming, if you like.
In fact, I have 2 basic rules about JSF and one of them is this: The more JSF-specific code you have in your application, the more likely you've done it the wrong way.
An IDE is no substitute for an Intelligent Developer.
posted 7 months ago
Thanks for your comments. Unfortunately these are old application that need to perform authentication and redirection. They use different technology and framework so it's not easily integrated. Session is not working but I got ServletContext to work so it will do for now.