openwebbeans-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "todor.dimitrov" <todor.dimit...@me.com>
Subject Re: CDI, Filter & Session-Scoped Bean
Date Wed, 30 Jan 2013 16:55:46 GMT
Hallo again,

I've just noticed that when this behavior is observed the session associated with the HTTPServletRequest
is null. Somehow Tomcat cannot create a session object for the request (normally a StandardSession
object is associated with the request). IMHO CDI shouldn't inject an object instance from
some other session if the session of the request is null.



On 30.01.2013, at 17:39, "todor.dimitrov" <todor.dimitrov@me.com> wrote:

> Hallo,
> 
> I have a weird problem when injecting a bean inside a servlet filter, which is produced
by a method of a session-scoped bean:
> 
> Filter:
> 
> public class AuthenticationFilter implements Filter {
> 
> 	@Inject
> 	@LoggedIn
> 	private Instance<User> loggedInUser;
> 
> 	public void doFilter(ServletRequest request, ServletResponse response,
> 			FilterChain chain) throws IOException, ServletException {
> 
> 		final User user = loggedInUser.get();
> 		if (user != null) {
> 			// proceed ...
> 		} else {
> 			// redirect to login ...
> 		}
> 	}
> 
> 	...
> }
> 
> Session-scoped bean with producer method:
> 
> @Named
> @SessionScoped
> public class Login implements Serializable {
> 
> 	private User currentUser;
> 
> 	public String login() {
> 		currentUser = loadUserFromDB(...);
> 	}
> 
> 	public String logout() {
> 		currentUser = null;
> 	}
> 
> 	@Produces
> 	@LoggedIn
> 	public User getLoggedInUser() {
> 		return currentUser;
> 	}
> }
> 
> Qualifier:
> 
> @Target({ ElementType.FIELD, ElementType.METHOD })
> @Qualifier
> @Retention(RetentionPolicy.RUNTIME)
> public @interface LoggedIn {
> }
> 
> Sometimes the filter incorrectly retrieves the user instance from some other active session.
This happens, however, only the first time the page is requested by the browser. On subsequent
page reloads, the filter recognises that the user is not logged in. It should be noted that
the JSF implementation (MyFaces) ALWAYS uses the correct instance of the session-scoped bean.
I've tried to inject the Login bean instead of the User object but the result is the same.

> 
> Do you have any clues to why I might be experiencing such a behavior?
> 
> 
> Thanks in advance,
> 
> Todor


Mime
View raw message