Skip to main content

session timeout

1 reply [Last post]
Anonymous

Please help in ViewExpired handling.

Technologies:
- Glassfish 3.1.2.2
- Form based security handling
- Primefaces AJAX POST requests (for example pagination)
- myRealm is a JDBCRealm in Glassfish security

I setup a phase listener in faces-config.xml:

hu.kepeslap.back.listener.JsfPhaseListener

and I use some settings in web.xml

javax.faces.application.ViewExpiredException
/index.xhtml

Security settings are:

admin
/admin/*

ROLE_ADMIN

user
/user/*

ROLE_ADMIN
ROLE_USER

FORM
myRealm

/login.xhtml
/login.xhtml?auth-error=true

ROLE_ADMIN

ROLE_USER

The PhaseListener:

public class JsfPhaseListener implements PhaseListener {

private static String homepage = "login.xhtml";

@Override
public void afterPhase(PhaseEvent phaseEvent) {
FacesContext context = phaseEvent.getFacesContext();
ExternalContext ext = context.getExternalContext();
HttpSession session = (HttpSession) ext.getSession(false);
HttpServletRequest httpRequest = (HttpServletRequest)
ext.getRequest();
boolean isPost = httpRequest.getMethod().equalsIgnoreCase("POST");
boolean newSession = (session == null) || (session.isNew());
boolean postback = !ext.getRequestParameterMap().isEmpty();
RequestContext requestContext =
RequestContext.getCurrentInstance();
PartialViewContext partialViewContext =
context.getPartialViewContext();
boolean isAJAX = isPost && ((requestContext != null) &&
requestContext.isAjaxRequest()) || ((partialViewContext != null) &&
(partialViewContext.isPartialRequest()));
boolean timedout = postback && newSession && isAJAX;
boolean isRenderableResponse = (context.getResponseWriter() ==
null) && (context.getRenderKit() == null);
if (timedout && isRenderableResponse) {
if (ext.isResponseCommitted()) {
// redirect is not possible
return;
}
try {
httpRequest.logout();
} catch (ServletException e) {
e.printStackTrace();
}
throw new ViewExpiredException("Session timeout");
}
}

@Override
public void beforePhase(PhaseEvent phaseEvent) {
}

@Override
public PhaseId getPhaseId() {
return PhaseId.RESTORE_VIEW;
}

}

Primefaces example handle session timeout with an alert dialog, so
I thing java.lang.NullPointerException is from security layer of Glassfish.

Exception is:

WARNING: ApplicationDispatcher[/kepeslap] PWC1231: Servlet.service() for
servlet Faces Servlet threw exception
java.lang.NullPointerException
at
com.sun.faces.context.PartialViewContextImpl.createPartialResponseWriter(PartialViewContextImpl.java:441)
at
com.sun.faces.context.PartialViewContextImpl.access$300(PartialViewContextImpl.java:71)
at
com.sun.faces.context.PartialViewContextImpl$DelayedInitPartialResponseWriter.getWrapped(PartialViewContextImpl.java:582)
at
javax.faces.context.PartialResponseWriter.startDocument(PartialResponseWriter.java:115)
at
org.primefaces.context.PrimePartialResponseWriter.startDocument(PrimePartialResponseWriter.java:133)
at
com.sun.faces.context.AjaxExceptionHandlerImpl.handlePartialResponseError(AjaxExceptionHandlerImpl.java:199)
at
com.sun.faces.context.AjaxExceptionHandlerImpl.handle(AjaxExceptionHandlerImpl.java:123)
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:119)
at
com.sun.faces.lifecycle.RestoreViewPhase.doPhase(RestoreViewPhase.java:116)
at
com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593)
at
org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
at
org.apache.catalina.core.ApplicationDispatcher.doInvoke(ApplicationDispatcher.java:809)
at
org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:671)
at
org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:505)
at
org.apache.catalina.core.ApplicationDispatcher.doDispatch(ApplicationDispatcher.java:476)
at
org.apache.catalina.core.ApplicationDispatcher.dispatch(ApplicationDispatcher.java:355)
at
org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:305)
at
org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage(FormAuthenticator.java:464)
at
org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:253)
at
com.sun.web.security.RealmAdapter.invokeAuthenticateDelegate(RealmAdapter.java:1333)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:551)
at
org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:623)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
at
org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
at
com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
at
com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
at
com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
at
com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
at
com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at
com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at
com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at
com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at
com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at
com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at
com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at
com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:722)

WARNING: Unexpected error forwarding or redirecting to login page
java.lang.NullPointerException
at
com.sun.faces.context.PartialViewContextImpl.createPartialResponseWriter(PartialViewContextImpl.java:441)
at
com.sun.faces.context.PartialViewContextImpl.access$300(PartialViewContextImpl.java:71)
at
com.sun.faces.context.PartialViewContextImpl$DelayedInitPartialResponseWriter.getWrapped(PartialViewContextImpl.java:582)
at
javax.faces.context.PartialResponseWriter.startDocument(PartialResponseWriter.java:115)
at
org.primefaces.context.PrimePartialResponseWriter.startDocument(PrimePartialResponseWriter.java:133)
at
com.sun.faces.context.AjaxExceptionHandlerImpl.handlePartialResponseError(AjaxExceptionHandlerImpl.java:199)
at
com.sun.faces.context.AjaxExceptionHandlerImpl.handle(AjaxExceptionHandlerImpl.java:123)
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:119)
at
com.sun.faces.lifecycle.RestoreViewPhase.doPhase(RestoreViewPhase.java:116)
at
com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:593)
at
org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
at
org.apache.catalina.core.ApplicationDispatcher.doInvoke(ApplicationDispatcher.java:809)
at
org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:671)
at
org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:505)
at
org.apache.catalina.core.ApplicationDispatcher.doDispatch(ApplicationDispatcher.java:476)
at
org.apache.catalina.core.ApplicationDispatcher.dispatch(ApplicationDispatcher.java:355)
at
org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:305)
at
org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage(FormAuthenticator.java:464)
at
org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:253)
at
com.sun.web.security.RealmAdapter.invokeAuthenticateDelegate(RealmAdapter.java:1333)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:551)
at
org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:623)
at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
at
org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
at
com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
at
com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
at
com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
at
com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
at
com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at
com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at
com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at
com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at
com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at
com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at
com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at
com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:722)

Please help to check the solution.

best regards
Z

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
rockstunner
Offline
Joined: 2013-06-20

Actually I was in search of a solution for session timeout and think I have landed on the correct place. After trying the code explained here my problem got resolved. The procedure is simple and you will be very careful while performing this. Any small mismatch in the code may cause its malfunction. Thank you for the code! windowsxphelpnow.com