myfaces-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christian Beikov <christian.bei...@gmail.com>
Subject Apache CODI Bug in version 1.0.5
Date Tue, 28 Aug 2012 17:58:48 GMT
Hello guys!

I just found a "bug" in the CODI code and wanted to report that to you. 
In The attachment you can find a maven WAR project that will show the 
error when you try to access the page.
This occurs, because the session cookie of the webapp is configured to 
be secure, but if you don't access the application via https you get 
redirected forever.
The reason for that is of course, that no session is available at the 
server side when the redirected request arrives at the server side.
The only solution to that is, to supply a specialized 
WindowContextConfig#isUrlParameterSupported that returns false, but that 
results in ViewExpiredException on Postback.

In my opinion CODI should somehow forward to an error page or so when 
this kind of configuration happens or don't redirect to use window ids 
at all.

Regards,
Christian

Mime
View raw message