This discussion is archived
3 Replies Latest reply: Jan 16, 2013 8:58 AM by 985003 RSS

Session scoped controller acting like request?

985003 Newbie
Currently Being Moderated

I'm creating a website for my school project (Java EE)... It's our first year doing so.
Now as this is evening school and only had a semester learning it, you might see that my way of doing things ain't the best out there :)

So to get started, I'm trying to create a login feature but instead of those hundered lines of security codes, we may use a simple session scoped member object.

So here you have a few of my classes:

public class MemberController implements Serializable {

    private MemberBean bean;
    private String username;
    private String password;
    private Member member;
    private boolean logged = false;
// + their getters and setters

    public List<Member> getAllMembers() {
        return bean.getAllMembers();

    public String login() {
        member = bean.getMember(username, password);
        if (member != null) {
            logged = true;
            return "/races/list.xhtml?faces-redirect=true";
        return "/users/login.xhtml?faces-redirect=true";

    public String logout() {
        return "/index.xhtml?faces-redirect=true";

    public void checkLogin(ComponentSystemEvent e) {
        if (!logged) {
            FacesContext context = FacesContext.getCurrentInstance();
            ConfigurableNavigationHandler handler = (ConfigurableNavigationHandler) context.getApplication().getNavigationHandler();

    public Member getMember() {
        return member;

    public void submit() {


public class MemberBean {

    private EntityManager em;

    public Member getMember(long id){
        return em.find(Member.class, id);

    public Member getMember(String username, String password){
        TypedQuery<Member> q = em.createQuery("SELECT u FROM Member u WHERE u.userName=?1 AND u.password=?2", Member.class);
        q.setParameter(1, username);
        q.setParameter(2, password);
        return q.getSingleResult();

    public List<Member> getAllMembers(){
        TypedQuery<Member> q = em.createQuery("SELECT u FROM Member u", Member.class);
        return q.getResultList();

    public Member addOrUpdateMember(Member u){
        Member original = em.find(Member.class, u.getId());
        if(original == null){
            return u;
            return em.merge(u);

    public Member deleteMember(long id){
        Member original = em.find(Member.class, id);
        if(original != null){
        return original;


@Table(name = "members")
public class Member implements Serializable {
    //+ Getters, setters, HashCode and equals

    @GeneratedValue(strategy = GenerationType.TABLE)
    private long id;
    private double money;

    @NotNull(message = "Username cannot be null")
    @Size(min = 4, message = "Username should be of minimum 4 characters")
    private String userName;

    @NotNull(message = "Password cannot be null")
    @Size(min = 4, message = "Password should be of minimum 4 characters")
    private String password;

    private void initDefault() { = 500;
The main error I'm getting is the following:

INFO: Exception when handling error trying to reset the response.

A more specific detail error can be found here:

So what happens is that when I login, everything works great. The moment I navigate to another url (after being forwarded to /races/list) I get logged out. The error itself shows when I use the checkLogin():
<f:event type="preRenderView" listener="#{memberController.checkLogin}" />

I'm not sure whether this is related, but when I login without any demo data (or with wrong credentials) I get an evaluation exception and that no entity could be retrieved. Here more details:

What could this be? I scratched my head for 3 days now and can't seem to find an issue anywhere.

Edited by: 982000 on Jan 15, 2013 10:25 AM - added the code in the message
  • 1. Re: Session scoped controller acting like request?
    gimbal2 Guru
    Currently Being Moderated
    Post the stuff here, not somewhere else. Whatever needs its formatting preserved should be posted between \
     tags. If the code is too large, post only relevant parts.                                                                                                                                                                                                                                                                                                                                                        
  • 2. Re: Session scoped controller acting like request?
    985003 Newbie
    Currently Being Moderated
    My apologies, I just didn't want to flood the thread. But edited the message and added a summary of I think the most relevant error messages.
  • 3. Re: Session scoped controller acting like request?
    985003 Newbie
    Currently Being Moderated
    Okay, so I tried setting a few console.writes to check what's happening... It seems my logout script is called upon navigation. But I don't call it anywhere except on my logout button.

    Here is my template code:
    <div class="navbar">
        <div class="navbar-inner">
            <ul class="nav">
                <li class="active"><a href="#{root}index.xhtml">Home</a></li>
                <li><a href="#{root}races/list.xhtml">Races</a></li>
                <li><a href="#{root}horses/list.xhtml">Horses</a></li>
                <h:panelGroup rendered="#{memberController.logged == true}">
                    <li><a href="#{root}profile/history.xhtml">History</a></li>
                    <li><a href="#" onclick="#{memberController.logout()}">Logout</a></li>
                <h:panelGroup rendered="#{memberController.logged == false}">
                    <li><a href="#{root}users/login.xhtml">Login</a></li>
                    <li><a href="#{root}users/register.xhtml">Create Account</a></li>
    EDIT: my onclick of the logout button should be #{memberController.logout()}
    but for some reason my editing isn't applied in this reply.

    Edited by: 982000 on Jan 16, 2013 8:56 AM


  • Correct Answers - 10 points
  • Helpful Answers - 5 points