Skip to main content

Handling ViewExpiredException

2 replies [Last post]
Joined: 2009-08-25

Using GF v2.1, JSF, Facelets and Richfaces. Using container managed authentication and server state saving.


When a user is logged in and the application is republished and then the user tries to access another part of the page this is exception is shown. First they are presented with the login page because the session is terminated (as expected) however after they log back in they get a ViewExpiredException. This is expected as well.

The problem I'm having is gracefully handling this exception. Ideally the user should be directed to their "home page" after logging back in. Using the to catch the exception doesn't seem to work because when the user logs back in they get a blank page with a url: http://server:8080/j_security_check. I know that j_security_check is the servlet used for container managed authentication so I believe the url is correct but why it just sits there instead of doing the authentication and redirecting the user is beyond me.

Using a phase listener which listens to the RestoreView phase to check for a valid session doesn't seem to be working either. I can re-direct the user to their homepage but they still end up seeing this exception which makes sense. If I could tell the application server to rebuild the view then this would work.

I've done a lot of googling but haven't some up with anything that works yet so hopefully I can get some help here.


Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Joined: 2010-06-02

A quick google search for “ViewExpiredException” finds users complaining about this on threads from all different sorts of vendors: Oracle, Apache, IceFaces, MyFaces, JBoss. And that’s just the first 10 entries! But the fault does not lie with any of these vendors. The dreaded ViewExpiredException is most likely the result of the fact that you’re interacting with (or developing) a user-authenticated, web-based application written in JSF. If you’re logged in and your HTTP session expires, JSF will quite annoyingly throw ViewExpiredException during the RESTORE_VIEW phase of the JSF life cycle – it’s a feature!
During my wanderings I’ve seen people try to solve this issue in a variety of ways. Some try to use global Exception handling in the web.xml file for their WAR. Others try to use a pure JSF-based solution whereby a PhaseListener can attempt to perform a response redirect during the RESTORE_VIEW phase. Even JBoss Seam tries to solve this in their own way using their exception handlers in the components.xml file.

[url=]Mercedes Benz LX450 Parts[/url]

Joined: 2009-08-25

Ok so it looks like if I use the and direct it to a non jsf page and from there redirect it to the user's home page everything is good...except in Internet Explorer. Firefox and Chrome will display the home page correctly while IE just sits on http://server:8080/j_security_check. It looks like it might be a problem with IE not posting correctly to the servlet.