Please help in ViewExpired handling.
Technologies:
- Glassfish 3.1.2.2
- Form based security handling
- Primefaces AJAX POST requests (for example pagination)
- myRealm is a JDBCRealm in Glassfish security
I setup a phase listener in faces-config.xml:
<lifecycle>
<phase-listener>hu.kepeslap.back.listener.JsfPhaseListener</phase-listener>
</lifecycle>
and I use some settings in web.xml
<error-page>
<exception-type>javax.faces.application.ViewExpiredException</exception-type>
<location>/index.xhtml</location>
</error-page>
Security settings are:
<security-constraint>
<web-resource-collection>
<web-resource-name>admin</web-resource-name>
<url-pattern>/admin/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>ROLE_ADMIN</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>user</web-resource-name>
<url-pattern>/user/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>ROLE_ADMIN</role-name>
<role-name>ROLE_USER</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>myRealm</realm-name>
<form-login-config>
<form-login-page>/login.xhtml</form-login-page>
<form-error-page>/login.xhtml?auth-error=true</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>ROLE_ADMIN</role-name>
</security-role>
<security-role>
<role-name>ROLE_USER</role-name>
</security-role>
The PhaseListener:
public class JsfPhaseListener implements PhaseListener {
private static String homepage = "login.xhtml";
@Override
public void afterPhase(PhaseEvent phaseEvent) {
FacesContext context = phaseEvent.getFacesContext();
ExternalContext ext = context.getExternalContext();
HttpSession session = (HttpSession) ext.getSession(false);
HttpServletRequest httpRequest = (HttpServletRequest)
ext.getRequest();
boolean isPost = httpRequest.getMethod().equalsIgnoreCase("POST");
boolean newSession = (session == null) || (session.isNew());
boolean postback = !ext.getRequestParameterMap().isEmpty();
RequestContext requestContext =
RequestContext.getCurrentInstance();
PartialViewContext partialViewContext =
context.getPartialViewContext();
boolean isAJAX = isPost && ((requestContext != null) &&
requestContext.isAjaxRequest()) || ((partialViewContext != null) &&
(partialViewContext.isPartialRequest()));
boolean timedout = postback && newSession && isAJAX;
boolean isRenderableResponse = (context.getResponseWriter() ==
null) && (context.getRenderKit() == null);
if (timedout && isRenderableResponse) {
if (ext.isResponseCommitted()) {
// redirect is not possible
return;
}
try {
httpRequest.logout();
} catch (ServletException e) {
e.printStackTrace();
}
throw new ViewExpiredException("Session timeout");
}
}
@Override
public void beforePhase(PhaseEvent phaseEvent) {
}
@Override
public PhaseId getPhaseId() {
return PhaseId.RESTORE_VIEW;
}
}
Primefaces example handle session timeout with an alert dialog, so
I thing java.lang.NullPointerException is from security layer of Glassfish.
Exception is:
WARNING: ApplicationDispatcher[/kepeslap] PWC1231: Servlet.service() for
servlet Faces Servlet threw exception
java.lang.NullPointerException
at
com.sun.faces.context.PartialViewContextImpl.createPartialResponseWriter(PartialViewContextImpl.java:441)
at
com.sun.faces.context.PartialViewContextImpl.access$300(PartialViewContextImpl.java:71)
at
com.sun.faces.context.PartialViewContextImpl$DelayedInitPartialResponseWriter.getWrapped(PartialViewContextImpl.java:582)
at
javax.faces.context.PartialResponseWriter.startDocument(PartialResponseWriter.java:115)
at
org.primefaces.context.PrimePartialResponseWriter.startDocument(PrimePartialResponseWriter.java:133)
at
com.sun.faces.context.AjaxExceptionHandlerImpl.handlePartialResponseError(AjaxExceptionHandlerImpl.java:199)
at
com.sun.faces.context.AjaxExceptionHandlerImpl.handle(AjaxExceptionHandlerImpl.java:123)
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:119)
at
com.sun.faces.lifecycle.RestoreViewPhase.doPhase(RestoreViewPhase.java:116)
at
com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593)
at
org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
at
org.apache.catalina.core.ApplicationDispatcher.doInvoke(ApplicationDispatcher.java:809)
at
org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:671)
at
org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:505)
at
org.apache.catalina.core.ApplicationDispatcher.doDispatch(ApplicationDispatcher.java:476)
at
org.apache.catalina.core.ApplicationDispatcher.dispatch(ApplicationDispatcher.java:355)
at
org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:305)
at
org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage(FormAuthenticator.java:464)
at
org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:253)
at
com.sun.web.security.RealmAdapter.invokeAuthenticateDelegate(RealmAdapter.java:1333)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:551)
at
org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:623)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
at
org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
at
com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
at
com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
at
com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
at
com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
at
com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at
com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at
com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at
com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at
com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at
com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at
com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at
com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:722)
WARNING: Unexpected error forwarding or redirecting to login page
java.lang.NullPointerException
at
com.sun.faces.context.PartialViewContextImpl.createPartialResponseWriter(PartialViewContextImpl.java:441)
at
com.sun.faces.context.PartialViewContextImpl.access$300(PartialViewContextImpl.java:71)
at
com.sun.faces.context.PartialViewContextImpl$DelayedInitPartialResponseWriter.getWrapped(PartialViewContextImpl.java:582)
at
javax.faces.context.PartialResponseWriter.startDocument(PartialResponseWriter.java:115)
at
org.primefaces.context.PrimePartialResponseWriter.startDocument(PrimePartialResponseWriter.java:133)
at
com.sun.faces.context.AjaxExceptionHandlerImpl.handlePartialResponseError(AjaxExceptionHandlerImpl.java:199)
at
com.sun.faces.context.AjaxExceptionHandlerImpl.handle(AjaxExceptionHandlerImpl.java:123)
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:119)
at
com.sun.faces.lifecycle.RestoreViewPhase.doPhase(RestoreViewPhase.java:116)
at
com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593)
at
org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
at
org.apache.catalina.core.ApplicationDispatcher.doInvoke(ApplicationDispatcher.java:809)
at
org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:671)
at
org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:505)
at
org.apache.catalina.core.ApplicationDispatcher.doDispatch(ApplicationDispatcher.java:476)
at
org.apache.catalina.core.ApplicationDispatcher.dispatch(ApplicationDispatcher.java:355)
at
org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:305)
at
org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage(FormAuthenticator.java:464)
at
org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:253)
at
com.sun.web.security.RealmAdapter.invokeAuthenticateDelegate(RealmAdapter.java:1333)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:551)
at
org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:623)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
at
org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
at
com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
at
com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
at
com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
at
com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
at
com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at
com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at
com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at
com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at
com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at
com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at
com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at
com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:722)
Please help to check the solution.
best regards
Z