Win a copy of Hands On Software Engineering with Python this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Bear Bibeault
  • Knute Snortum
  • Liutauras Vilda
Sheriffs:
  • Tim Cooke
  • Devaka Cooray
  • Paul Clapham
Saloon Keepers:
  • Tim Moores
  • Frits Walraven
  • Ron McLeod
  • Ganesh Patekar
  • salvin francis
Bartenders:
  • Tim Holloway
  • Carey Brown
  • Stephan van Hulst

jsf session different/lost  RSS feed

 
Greenhorn
Posts: 14
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello All,

I am dumbfounded why session is lost or different every time when calling backbean.  I googled and tried different solutions but it's not working.  One thing that works is if I create a JSP page then the session and attributes work.  Basically, from JSF webapp1 calling JSP webapp2/servlet.  Then webapp2/servlet forward back to webapp1.  I want to get attributes saved in webapp2 but it always NULL.  Here is how I am doing it:

add to context.xml
crossContext="true"

servlet.java
getServletContext().getContext("/webapp1").getRequestDispatcher("/Login.xhtml").forward(request, response);  //if change to Login.jsp then it works

backbean

@ManagedBean(name="sessionBean")
@SessionScoped

session = (HttpSession) FacesContext.getCurrentInstance().getExternalContext().getSession(true);


Am I missing something?


Thanks
 
Bartender
Posts: 20107
101
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You're missing two somethings.

First, and most fatally, you're writing your own login system. Don't. JEE defines a standard security framework that's well-documented, designed by full-time security people, well-debugged and requires minimal extra coding. User-defined security systems, on the other hand are none of these, and in about 95% of the cases I've seen over the last decade or so, the user-defined security systems can be cracked by non-technical people in 15 minutes or less. And that includes the ones that the company's "expert" designed for them. Security is a case where one weak link breaks the chain and unless you like having sensitive data for auction in Serbia, leave it to people who don't have to do it "in 'addition' to the important stuff".

Secondly, JSF is an Inversion of Control framework. In IoC, you don't go after stuff, you sit back and have it delivered to you' It's the Amazon Prime of JEE webapp programming, if you like.

In fact, I have 2 basic rules about JSF and one of them is this: The more JSF-specific code you have in your application, the more likely you've done it the wrong way.
 
bruce truong
Greenhorn
Posts: 14
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for your comments.  Unfortunately these are old application that need to perform authentication and redirection.  They use different technology and framework so it's not easily integrated.  Session is not working but I got ServletContext to work so it will do for now.

Thanks

 
Can't .... do .... plaid .... So I did this tiny ad instead:
Programmatically Create PDF Using Free Spire.PDF with Java
https://coderanch.com/wiki/703735/Programmatically-Create-PDF-Free-Spire
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!