This discussion is archived
3 Replies Latest reply: Jan 16, 2013 8:58 AM by 985003 RSS

Session scoped controller acting like request?

985003 Newbie
Currently Being Moderated
Hi,

I'm creating a website for my school project (Java EE)... It's our first year doing so.
Now as this is evening school and only had a semester learning it, you might see that my way of doing things ain't the best out there :)

So to get started, I'm trying to create a login feature but instead of those hundered lines of security codes, we may use a simple session scoped member object.

So here you have a few of my classes:
//MemberController.java:

@SessionScoped
public class MemberController implements Serializable {

    @EJB
    private MemberBean bean;
    private String username;
    private String password;
    private Member member;
    private boolean logged = false;
// + their getters and setters

    public List<Member> getAllMembers() {
        return bean.getAllMembers();
    }

    public String login() {
        member = bean.getMember(username, password);
        if (member != null) {
            logged = true;
            return "/races/list.xhtml?faces-redirect=true";
        }
        return "/users/login.xhtml?faces-redirect=true";
    }

    public String logout() {
        FacesContext.getCurrentInstance().getExternalContext().invalidateSession();
        return "/index.xhtml?faces-redirect=true";
    }

    public void checkLogin(ComponentSystemEvent e) {
        if (!logged) {
            FacesContext context = FacesContext.getCurrentInstance();
            ConfigurableNavigationHandler handler = (ConfigurableNavigationHandler) context.getApplication().getNavigationHandler();
            handler.performNavigation("/users/login.xhtml?faces-redirect=true");
        }
    }

    public Member getMember() {
        return member;
    }

    public void submit() {
        bean.addOrUpdateMember(member);
    }
}

//MemberBean.java

@Stateless
public class MemberBean {

    @PersistenceContext(unitName="HorseRacingPU")
    private EntityManager em;

    public Member getMember(long id){
        return em.find(Member.class, id);
    }

    public Member getMember(String username, String password){
        TypedQuery<Member> q = em.createQuery("SELECT u FROM Member u WHERE u.userName=?1 AND u.password=?2", Member.class);
        q.setParameter(1, username);
        q.setParameter(2, password);
        return q.getSingleResult();
    }

    public List<Member> getAllMembers(){
        TypedQuery<Member> q = em.createQuery("SELECT u FROM Member u", Member.class);
        return q.getResultList();
    }

    public Member addOrUpdateMember(Member u){
        Member original = em.find(Member.class, u.getId());
        if(original == null){
            em.persist(u);
            return u;
        }else{
            return em.merge(u);
        }
    }

    public Member deleteMember(long id){
        Member original = em.find(Member.class, id);
        if(original != null){
            em.remove(original);
        }
        return original;
    }
}

//Member.java:

@Entity
@Table(name = "members")
public class Member implements Serializable {
    //+ Getters, setters, HashCode and equals

    @Id
    @GeneratedValue(strategy = GenerationType.TABLE)
    private long id;
    private double money;

    @NotNull(message = "Username cannot be null")
    @Size(min = 4, message = "Username should be of minimum 4 characters")
    private String userName;

    @NotNull(message = "Password cannot be null")
    @Size(min = 4, message = "Password should be of minimum 4 characters")
    private String password;

    @PostPersist
    private void initDefault() {
        this.money = 500;
    }
}
The main error I'm getting is the following:

INFO: Exception when handling error trying to reset the response.

A more specific detail error can be found here: http://pastebin.com/h5nTNnes

So what happens is that when I login, everything works great. The moment I navigate to another url (after being forwarded to /races/list) I get logged out. The error itself shows when I use the checkLogin():
<f:event type="preRenderView" listener="#{memberController.checkLogin}" />

I'm not sure whether this is related, but when I login without any demo data (or with wrong credentials) I get an evaluation exception and that no entity could be retrieved. Here more details: http://pastebin.com/Tv9mQ1K9

What could this be? I scratched my head for 3 days now and can't seem to find an issue anywhere.

Edited by: 982000 on Jan 15, 2013 10:25 AM - added the code in the message
  • 1. Re: Session scoped controller acting like request?
    gimbal2 Guru
    Currently Being Moderated
    Post the stuff here, not somewhere else. Whatever needs its formatting preserved should be posted between \
     tags. If the code is too large, post only relevant parts.                                                                                                                                                                                                                                                                                                                                                        
  • 2. Re: Session scoped controller acting like request?
    985003 Newbie
    Currently Being Moderated
    My apologies, I just didn't want to flood the thread. But edited the message and added a summary of I think the most relevant error messages.
  • 3. Re: Session scoped controller acting like request?
    985003 Newbie
    Currently Being Moderated
    Okay, so I tried setting a few console.writes to check what's happening... It seems my logout script is called upon navigation. But I don't call it anywhere except on my logout button.

    Here is my template code:
    <div class="navbar">
        <div class="navbar-inner">
            <ul class="nav">
                <li class="active"><a href="#{root}index.xhtml">Home</a></li>
                <li><a href="#{root}races/list.xhtml">Races</a></li>
                <li><a href="#{root}horses/list.xhtml">Horses</a></li>
                <h:panelGroup rendered="#{memberController.logged == true}">
                    <li><a href="#{root}profile/history.xhtml">History</a></li>
                    <li><a href="#" onclick="#{memberController.logout()}">Logout</a></li>
                </h:panelGroup>
                <h:panelGroup rendered="#{memberController.logged == false}">
                    <li><a href="#{root}users/login.xhtml">Login</a></li>
                    <li><a href="#{root}users/register.xhtml">Create Account</a></li>
                </h:panelGroup>
            </ul>
        </div>
    </div>
    EDIT: my onclick of the logout button should be #{memberController.logout()}
    but for some reason my editing isn't applied in this reply.

    Edited by: 982000 on Jan 16, 2013 8:56 AM

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points