JSF 2 redirection problem

Question

I have following two methods in my backing bean -

public String validateUser() {
    FacesContext facesCtx = FacesContext.getCurrentInstance();

    if(userName.equals("user1") && password.equals("pass1")) {
        User user = new User();
        user.setUserName(userName);
        HttpSession session = (HttpSession) facesCtx.getExternalContext().getSession(false);
        session.setAttribute(User.SESSION_ATTRIBUTE, user);
        return "secured/home.jsf?faces-redirect=true";
    }

    if(!userName.equals(LoginBean.USERNAME)) {
        FacesMessage msgForUserName = new FacesMessage(FacesMessage.SEVERITY_ERROR, "Username did not match.", null);
        facesCtx.addMessage("loginForm:userName", msgForUserName);
    }

    if(!password.equals(LoginBean.PASSWORD)) {
        FacesMessage msgForPassword = new FacesMessage(FacesMessage.SEVERITY_ERROR, "Password did not match.", null);
        facesCtx.addMessage("loginForm:password", msgForPassword);
    }

    return null;
}

public String logout() {
    logger.info("Logging out .........................................");
    FacesContext facesCtx = FacesContext.getCurrentInstance();
    HttpSession session = (HttpSession) facesCtx.getExternalContext().getSession(false);
    session.invalidate();
    return "login.jsf?faces-redirect=true";
}

I don't know why the redirection is working in the first method (i.e. validateUser()), but it's not working in the second method (i.e. logout()). The code inside the logout method is actually executed, the session also gets invalidated,but somehow the browser stays on the same page. And, I am using PrimeFaces p:commandButton and the ajax is enabled on both of them. Any one, any idea? Thank you.

score 5 · Accepted Answer · edited Jun 20 '20 at 09:12

5

but somehow the browser stays on the same page. And, I am using PrimeFaces p:commandButton and the ajax is enabled on both of them

I wouldn't expect it to fail. I suspect that this has something to do with the invalidated session. Try it with ajax="false" on the <p:commandButton>.

Unrelated to the problem, you should try to minimize the javax.servlet imports in your JSF managed beans. They often indicate that you're doing things in the wrong place or the clumsy way. In pure JSF2, you can invalidate the session as follows:

FacesContext.getCurrentInstance().getExternalContext().invalidateSession();

You can get/set objects in the session by the session Map.

Map<String, Object> sessionMap = FacesContext.getCurrentInstance().getExternalContext().getSessionMap();
// ...

Or just make it a managed bean (property).

I tried ajax=false, it's redirecting but only after 2 clicks. I think it's because I have a filter that checks request and redirects to login if there is no user attribute in the session. – Bhesh Gurung May 23 '11 at 15:33
Ah, that may explain as well why the ajax request failed. Run a debugger on your Filter code and fix it accordingly. Isn't it doing the job incorrectly *after* the `doFilter()` method? – BalusC May 23 '11 at 15:35
hey, i am not quite sure whats going on. i don't really have that much in the filter. it just checks the user attribute in the session. if it's null, it sets sendRedirect on the response object and returns otherwise it simply calls chain.dofilter... – Bhesh Gurung May 23 '11 at 15:53
1

OK that is likely not the cause. Do those things to exclude the one and other: 1) Try outcommenting session invalidate and see what it does. 2) Try replacing `` by ``. 3) If 2) works, try adding `` to the ``. This way we'll learn if it is related to PrimeFaces and/or session invalidation. – BalusC May 23 '11 at 15:56
I outcommented session invalidate. No redirection at all. I think filter did the redirection last time. I even used h:commandButton, even it's not redirecting... – Bhesh Gurung May 23 '11 at 16:01
1

Hmm, are there no JSF specific warnings in the server log? Which JSF impl/version are you using? Try using `FacesContext.getCurrentInstance().getExternalContext().redirect("login.jsf"); return null;` instead. – BalusC May 23 '11 at 16:05
the logout button is on home.xhtml (which is in secured folder), while the login.xhtml is outside. that method redirected to /secured/login.jsf... while the login page is outside secured folder. – Bhesh Gurung May 23 '11 at 16:10
returning "/login.jsf?faces-redirect=true" instead of "login.jsf?faces-redirect=true" did the job. Thanks for your help. When should we use the method - FacesContext.getCurrentInstance().getExternalContext().redirect("login.jsf"); – Bhesh Gurung May 23 '11 at 16:17
Ah yes. You're welcome. Don't use it, it was just a suggestion to nail the problem further down. – BalusC May 23 '11 at 16:21

JSF 2 redirection problem

1 Answers1

See also: