3 Replies Latest reply: Jan 16, 2013 10:58 AM by 985003 RSS

    Session scoped controller acting like request?


      I'm creating a website for my school project (Java EE)... It's our first year doing so.
      Now as this is evening school and only had a semester learning it, you might see that my way of doing things ain't the best out there :)

      So to get started, I'm trying to create a login feature but instead of those hundered lines of security codes, we may use a simple session scoped member object.

      So here you have a few of my classes:
      public class MemberController implements Serializable {
          private MemberBean bean;
          private String username;
          private String password;
          private Member member;
          private boolean logged = false;
      // + their getters and setters
          public List<Member> getAllMembers() {
              return bean.getAllMembers();
          public String login() {
              member = bean.getMember(username, password);
              if (member != null) {
                  logged = true;
                  return "/races/list.xhtml?faces-redirect=true";
              return "/users/login.xhtml?faces-redirect=true";
          public String logout() {
              return "/index.xhtml?faces-redirect=true";
          public void checkLogin(ComponentSystemEvent e) {
              if (!logged) {
                  FacesContext context = FacesContext.getCurrentInstance();
                  ConfigurableNavigationHandler handler = (ConfigurableNavigationHandler) context.getApplication().getNavigationHandler();
          public Member getMember() {
              return member;
          public void submit() {
      public class MemberBean {
          private EntityManager em;
          public Member getMember(long id){
              return em.find(Member.class, id);
          public Member getMember(String username, String password){
              TypedQuery<Member> q = em.createQuery("SELECT u FROM Member u WHERE u.userName=?1 AND u.password=?2", Member.class);
              q.setParameter(1, username);
              q.setParameter(2, password);
              return q.getSingleResult();
          public List<Member> getAllMembers(){
              TypedQuery<Member> q = em.createQuery("SELECT u FROM Member u", Member.class);
              return q.getResultList();
          public Member addOrUpdateMember(Member u){
              Member original = em.find(Member.class, u.getId());
              if(original == null){
                  return u;
                  return em.merge(u);
          public Member deleteMember(long id){
              Member original = em.find(Member.class, id);
              if(original != null){
              return original;
      @Table(name = "members")
      public class Member implements Serializable {
          //+ Getters, setters, HashCode and equals
          @GeneratedValue(strategy = GenerationType.TABLE)
          private long id;
          private double money;
          @NotNull(message = "Username cannot be null")
          @Size(min = 4, message = "Username should be of minimum 4 characters")
          private String userName;
          @NotNull(message = "Password cannot be null")
          @Size(min = 4, message = "Password should be of minimum 4 characters")
          private String password;
          private void initDefault() {
              this.money = 500;
      The main error I'm getting is the following:

      INFO: Exception when handling error trying to reset the response.

      A more specific detail error can be found here: http://pastebin.com/h5nTNnes

      So what happens is that when I login, everything works great. The moment I navigate to another url (after being forwarded to /races/list) I get logged out. The error itself shows when I use the checkLogin():
      <f:event type="preRenderView" listener="#{memberController.checkLogin}" />

      I'm not sure whether this is related, but when I login without any demo data (or with wrong credentials) I get an evaluation exception and that no entity could be retrieved. Here more details: http://pastebin.com/Tv9mQ1K9

      What could this be? I scratched my head for 3 days now and can't seem to find an issue anywhere.

      Edited by: 982000 on Jan 15, 2013 10:25 AM - added the code in the message
        • 1. Re: Session scoped controller acting like request?
          Post the stuff here, not somewhere else. Whatever needs its formatting preserved should be posted between \
           tags. If the code is too large, post only relevant parts.                                                                                                                                                                                                                                                                                                                                                        
          • 2. Re: Session scoped controller acting like request?
            My apologies, I just didn't want to flood the thread. But edited the message and added a summary of I think the most relevant error messages.
            • 3. Re: Session scoped controller acting like request?
              Okay, so I tried setting a few console.writes to check what's happening... It seems my logout script is called upon navigation. But I don't call it anywhere except on my logout button.

              Here is my template code:
              <div class="navbar">
                  <div class="navbar-inner">
                      <ul class="nav">
                          <li class="active"><a href="#{root}index.xhtml">Home</a></li>
                          <li><a href="#{root}races/list.xhtml">Races</a></li>
                          <li><a href="#{root}horses/list.xhtml">Horses</a></li>
                          <h:panelGroup rendered="#{memberController.logged == true}">
                              <li><a href="#{root}profile/history.xhtml">History</a></li>
                              <li><a href="#" onclick="#{memberController.logout()}">Logout</a></li>
                          <h:panelGroup rendered="#{memberController.logged == false}">
                              <li><a href="#{root}users/login.xhtml">Login</a></li>
                              <li><a href="#{root}users/register.xhtml">Create Account</a></li>
              EDIT: my onclick of the logout button should be #{memberController.logout()}
              but for some reason my editing isn't applied in this reply.

              Edited by: 982000 on Jan 16, 2013 8:56 AM