ADF BC/ Faces - Session Timeouts in dialogs

Hi,
I was wondering if anyone has worked out how to handle session timeouts in dialogs? I have an application which has a shopping cart style dialog which is sized at 800x630 and launched from a main page. When the users session times-out they get the login screen within the dialog. How can I get the dialog to return to the main page and get the user to login there?
Brenden

Use the ADF Dialog in conjuncion with the af:poll component. The closing of the dialog is handled by a listener called a returnListner. See the blog entries below for complete details on how to use the dialog framework and its associated listeners.
http://groundside.com/blog/DuncanMills.php?title=modal_dialogs_in_jsf_with_adf_faces&more=1&c=1&tb=1&pb=1
http://thepeninsulasedge.com/blog/2006/08/31/adf-faces-working-with-aftableselectone-and-the-dialog-framework/

Similar Messages

ADF Faces : session timeout best practice

hi
I made these small modifications to the web.xml file in the SRDemoSample application:
(a) I changed the login-config from this ...
<login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
      <form-login-page>infrastructure/SRLogin.jspx</form-login-page>
      <form-error-page>infrastructure/SRLogin.jspx</form-error-page>
    </form-login-config>
</login-config>... to this
<login-config>
    <auth-method>BASIC</auth-method>
</login-config>(b) I changed the session-timeout to 1 minute.
<session-config>
    <session-timeout>1</session-timeout>
</session-config>Please consider this scenario:
(1) Run the UserInterface project of the SRDemoSample application in JDeveloper.
(2) Authenticate using "sking" and password "welcome".
(3) Click on the "My Service Requests" tab.
(4) Click on a "Request Id" like "111". You should see a detail page titled "Service Request Information for SR # 111" that shows detail data on the service request.
(5) Wait for at least one minute for the session to timeout.
(6) Click on the "My Service Requests" tab again. I see the same detail page as in (4), now titled "Service Request Information for SR #" and not showing any detail data.
question
What is the best practice to detect such session timeouts and handle them in a user friendly way in an ADF Faces application?
thanks
Jan Vervecken

Hi,
no. Here's the content copied from a word doc:
A frequent question on the JDeveloper OTN forum, and also one that has been asked by customers directly, is how to detect and graceful handle user session expiry due to user inactivity.
The problem of user inactivity is that there is no way in JavaEE for the server to call the client when the session has expired. Though you could use JavaScript on the client display to count
down the session timeout, eventually showing an alert or redirecting the browser, this goes with a lot of overhead. The main concern raised against unhandled session invalidation due to user
inactivity is that the next user request leads to unpredictable results and errors messages. Because all information stored in the user session get lost upon session expiry, you can't recover the
session and need to start over again. The solution to this problem is a servlet filter that works on top of the Faces servlet. The web.xml file would have the servlet configured as follows
1.     <filter>
2.         <filter-name>ApplicationSessionExpiryFilter</filter-name>
3.         <filter-class>
4.             adf.sample.ApplicationSessionExpiryFilter
5.         </filter-class>
6.         <init-param>
7.             <param-name>SessionTimeoutRedirect</param-name>
8.             <param-value>SessionHasExpired.jspx</param-value>
9.         </init-param>
10.     </filter>
This configures the "ApplicationSessionExpiryFilter" servlet with an initialization parameter for the administrator to configure the page that the filter redirects the request to. In this
example, the page is a simple JSP page that only prints a message so the user knows what has happened. Further in the web.xml file, the filter is assigned to the JavaServer Faces
servlet as follows
1.     <filter-mapping>
2.             <filter-name>ApplicationSessionExpiryFilter</filter-name>
3.             <servlet-name>Faces Servlet</servlet-name>
4.         </filter-mapping>
The Servlet filter code compares the session Id of the request with the current session Id. This nicely handles the issue of the JavaEE container implicitly creating a new user session for the incoming request.
The only special case to be handled is where the incoming request doesn't have an associated session ID. This is the case for the initial application request.
1.     package adf.sample;
2.
3.     import java.io.IOException;
4.
5.     import javax.servlet.Filter;
6.     import javax.servlet.FilterChain;
7.     import javax.servlet.FilterConfig;
8.     import javax.servlet.ServletException;
9.     import javax.servlet.ServletRequest;
10.     import javax.servlet.ServletResponse;
11.     import javax.servlet.http.HttpServletRequest;
12.     import javax.servlet.http.HttpServletResponse;
13.
14.
15.     public class ApplicationSessionExpiryFilter implements Filter {
16.         private FilterConfig _filterConfig = null;
17.
18.         public void init(FilterConfig filterConfig) throws ServletException {
19.             _filterConfig = filterConfig;
20.         }
21.
22.         public void destroy() {
23.             _filterConfig = null;
24.         }
25.
26.         public void doFilter(ServletRequest request, ServletResponse response,
27.                              FilterChain chain) throws IOException, ServletException {
28.
29.
30.             String requestedSession =   ((HttpServletRequest)request).getRequestedSessionId();
31.             String currentWebSession = ((HttpServletRequest)request).getSession().getId();
32.
33.             boolean sessionOk = currentWebSession.equalsIgnoreCase(requestedSession);
34.
35.             // if the requested session is null then this is the first application
36.             // request and "false" is acceptable
37.
38.             if (!sessionOk && requestedSession != null){
39.                 // the session has expired or renewed. Redirect request
40.                 ((HttpServletResponse) response).sendRedirect(_filterConfig.getInitParameter("SessionTimeoutRedirect"));
41.             }
42.             else{
43.                 chain.doFilter(request, response);
44.             }
45.         }
46.
47.     }
This servlet filter works pretty well, except for sessions that are expired because of active session invalidation e.g. when nuking the session to log out of container managed authentication. In this case my
recommendation is to extend line 39 to also include a check if security is required. This can be through another initialization parameter that holds the name of a page that the request is redirected to upon logout.
In this case you don't redirect the request to the error page but continue with a newly created session.
Ps.: For testing and development, set the following parameter in web.xml to 1 so you don't have to wait 35 minutes
1.     <session-config>
2.         <session-timeout>1</session-timeout>
3.     </session-config> Frank
Edited by: Frank Nimphius on Jun 9, 2011 8:19 AM

Handle Session Timeout

I am using JDeveloper 11.1.1.6.
I am trying to gracefully handle session time outs in ADF. My application has been experiencing the 'canned' ADF session timeout popup when I am logged into my application and the session has timed out. That same popup is rendered even if I am sitting at my login page but haven't signed in.
I have followed Frank Nimphius's guidance as explained in the following forum to have my application re-direct to the login page after session timeout. That works great thanks to his well detailed document.
ADF Faces : session timeout best practice
The concern I have now is if I am sitting at my login page and my session times out, the application stays at the login page. I now type my credentials and click log in. Because the application thinks my session is timed out, I am taken back to the login page. Ideally I wouldn't think the login page would hold a session. Do you have any guidance on how I can get around this.

Hi,
what about using programmatic login, in which case the login form is part of a public page (see http://www.oracle.com/technetwork/issue-archive/2012/12-jan/o12adf-1364748.html for an example you can download)
Frank

I'm looking for an example of Session Time Warning dialog

I'm looking for an example of a Session Timeout warning dialog to warn a user that their session is about to expire. I'd really like it to have the option to extend the session or logout.
I have a user submitted Webapp with several fields and an image upload. The image upload is for a copy of a professional state license. When the user gets to this field in the form, they realize that they have to scan their form first. They leave the Webapp Input form open, get their image uploaded finally, submit the form, then they get a message that they are no longer logged in. Any help would be greatly appreciated :)

If your doing work on the front end like this and you feel the form is to long or things like file upload takes too long then build a multi-step form process and have the image as one of the latter steps so you can start saving the data.

Session Timeout directly taking to login page

Hi,
In our application when session time out happens, it is directly taking to login page, instead of showing the time out error message . We have a CustomExceptionHandler defined in our application. When I debugged, I identified that the following error message
<StateManagerImpl><restoreView> Could not find saved view state for token -ppfn0o4n8 (*ADF_FACES-30107)*
comes when user clicks login the second time.
We want to know how to get the error message first before it goes to the login page? Any configuration we are missing?
Here is our applications web.xml
<?xml version = '1.0' encoding = 'UTF-8'?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5" xmlns="http://java.sun.com/xml/ns/javaee">
<description>Empty web.xml file for Web Application</description>
<context-param>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>client</param-value>
</context-param>
<context-param>
<param-name>jndiContext</param-name>
<param-value>inv</param-value>
</context-param>
<context-param>
<param-name>UserEnvironmentName</param-name>
<param-value>UserEnvironment</param-value>
</context-param>
<context-param>
<param-name>CacheConfigureFile</param-name>
<param-value>inv-cache.xml</param-value>
</context-param>
<context-param>
<param-name>SecurityRepositoryClass</param-name>
<param-value>oracle.communications.inventory.api.framework.security.impl.SecurityRepositoryImpl</param-value>
</context-param>
<context-param>
<description>Whether the 'Generated by...' comment at the bottom of ADF Faces HTML pages should contain version number information.</description>
<param-name>oracle.adf.view.rich.versionString.HIDDEN</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<param-name>oracle.adfinternal.view.rich.libraryPartitioning.ENABLED</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>ilog.views.faces.CONTROLLER_PATH</param-name>
<param-value>/_contr</param-value>
</context-param>
<context-param>
<param-name>ilog.views.faces.CONTENT_LENGTH_ENABLED</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<description>If this parameter is true, there will be an automatic check of the modification date of your JSPs, and saved state will be discarded when JSP's change. It will also automatically check if your skinning css files have changed without you having to restart the server. This makes development easier, but adds overhead. For this reason this parameter should be set to false when your application is deployed.</description>
<param-name>org.apache.myfaces.trinidad.CHECK_FILE_MODIFICATION</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<param-name>APPLICATION_NAME</param-name>
<param-value>Unified Inventory Management</param-value>
</context-param>
<context-param>
<param-name>COPYRIGHT_FROM_YEAR</param-name>
<param-value>2007</param-value>
</context-param>
<context-param>
<param-name>COPYRIGHT_TO_YEAR</param-name>
<param-value>2011</param-value>
</context-param>
<context-param>

<param-name>org.apache.myfaces.trinidad.UPLOAD_MAX_MEMORY</param-name>

<param-value>512000</param-value>
</context-param>
<context-param>

<param-name>org.apache.myfaces.trinidad.UPLOAD_MAX_DISK_SPACE</param-name>

<param-value>104857600</param-value>
</context-param>
<filter>
<filter-name>trinidad</filter-name>
<filter-class>org.apache.myfaces.trinidad.webapp.TrinidadFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>trinidad</filter-name>
<servlet-name>Faces Servlet</servlet-name>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
<listener>
<listener-class>oracle.communications.inventory.api.framework.listener.ContextListener</listener-class>
</listener>
<listener>
<listener-class>oracle.communications.inventory.ui.framework.IlogContextListener</listener-class>
</listener>

<listener>
<listener-class>
oracle.communications.inventory.cartridge.deploy.CartridgeInstallerServletContextListener
</listener-class>
</listener>
<persistence-context-ref>
<persistence-context-ref-name>persistence/EntityManager</persistence-context-ref-name>
<persistence-unit-name>default</persistence-unit-name>
</persistence-context-ref>
<listener>
<listener-class>oracle.adf.mbean.share.connection.ADFConnectionLifeCycleCallBack</listener-class>
</listener>
<listener>
<listener-class>oracle.adf.mbean.share.config.ADFConfigLifeCycleCallBack</listener-class>
</listener>
<servlet>
<servlet-name>BIGRAPHSERVLET</servlet-name>
<servlet-class>oracle.adfinternal.view.faces.bi.renderkit.graph.GraphServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>BIGAUGESERVLET</servlet-name>
<servlet-class>oracle.adfinternal.view.faces.bi.renderkit.gauge.GaugeServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>MapProxyServlet</servlet-name>
<servlet-class>oracle.adfinternal.view.faces.bi.renderkit.geoMap.servlet.MapProxyServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>GatewayServlet</servlet-name>
<servlet-class>oracle.adfinternal.view.faces.bi.renderkit.graph.FlashBridgeServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>media</servlet-name>
<servlet-class>oracle.communications.inventory.ui.media.servlet.MediaServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>BIGRAPHSERVLET</servlet-name>
<url-pattern>/servlet/GraphServlet/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>BIGAUGESERVLET</servlet-name>
<url-pattern>/servlet/GaugeServlet/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>MapProxyServlet</servlet-name>
<url-pattern>/mapproxy/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>resources</servlet-name>
<url-pattern>/bi/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>GatewayServlet</servlet-name>
<url-pattern>/flashbridge/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>media</servlet-name>
<url-pattern>/media_image</url-pattern>
</servlet-mapping>
<resource-ref>
<res-ref-name>wm/ruleWorkManager</res-ref-name>
<res-type>commonj.work.WorkManager</res-type>
<res-auth>Container</res-auth>
<res-sharing-scope>Unshareable</res-sharing-scope>
</resource-ref>
<filter>
<filter-name>JpsFilter</filter-name>
<filter-class>oracle.security.jps.ee.http.JpsFilter</filter-class>
<init-param>
<param-name>enable.anonymous</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>remove.anonymous.role</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>addAllRoles</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>jaas.mode</param-name>
<param-value>doasprivileged</param-value>
</init-param>
</filter>
<filter>
<filter-name>ADFLibraryFilter</filter-name>
<filter-class>oracle.adf.library.webapp.LibraryFilter</filter-class>
</filter>
<filter>
<filter-name>adfBindings</filter-name>
<filter-class>oracle.adf.model.servlet.ADFBindingFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>JpsFilter</filter-name>
<servlet-name>Faces Servlet</servlet-name>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
<dispatcher>INCLUDE</dispatcher>
</filter-mapping>
<filter-mapping>
<filter-name>ADFLibraryFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>adfBindings</filter-name>
<servlet-name>Faces Servlet</servlet-name>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>resources</servlet-name>
<servlet-class>org.apache.myfaces.trinidad.webapp.ResourceServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>adflibResources</servlet-name>
<servlet-class>oracle.adf.library.webapp.ResourceServlet</servlet-class>
</servlet>
<servlet>
<servlet-name>adfAuthentication</servlet-name>
<servlet-class>oracle.adf.share.security.authentication.AuthenticationServlet</servlet-class>
<init-param>
<param-name>success_url</param-name>
<param-value>/faces/InventoryUIShell</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>Controller</servlet-name>
<servlet-class>ilog.views.faces.IlvFacesController</servlet-class>
<load-on-startup>3</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>resources</servlet-name>
<url-pattern>/adf/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>resources</servlet-name>
<url-pattern>/afr/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>adflibResources</servlet-name>
<url-pattern>/adflib/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>adfAuthentication</servlet-name>
<url-pattern>/adfAuthentication</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Controller</servlet-name>
<url-pattern>/_contr/*</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>35</session-timeout>
</session-config>
<mime-mapping>
<extension>html</extension>
<mime-type>text/html</mime-type>
</mime-mapping>
<mime-mapping>
<extension>txt</extension>
<mime-type>text/plain</mime-type>
</mime-mapping>
<jsp-config>
<jsp-property-group>
<url-pattern>*.jsff</url-pattern>
<is-xml>true</is-xml>
</jsp-property-group>
</jsp-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>allPages</web-resource-name>
<url-pattern>/</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>valid-users</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Unsecured resources</web-resource-name>
<url-pattern>/images/</url-pattern>
<url-pattern>*.png</url-pattern>
<url-pattern>*.gif</url-pattern>
<url-pattern>*.jpg</url-pattern>
<url-pattern>*.jpeg</url-pattern>
<url-pattern>*.bmp</url-pattern>
<url-pattern>*.css</url-pattern>
<url-pattern>*.js</url-pattern>
<url-pattern>/css/*</url-pattern>
<url-pattern>/afr/blank.html</url-pattern>
</web-resource-collection>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>adfAuthentication</web-resource-name>
<url-pattern>/adfAuthentication</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>valid-users</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/faces/login.jspx</form-login-page>
<form-error-page>/faces/error.jspx</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>valid-users</role-name>
</security-role>
<welcome-file-list>
<welcome-file>/faces/InventoryUIShell</welcome-file>
</welcome-file-list>
</web-app>

hi
this can be done using a simple "Servlet Filters" which will check whether the user session is valid or not. so for every connect to the server the filter runs and redirects to the login page if the session has expired. here you can configure your filter to be activated for every URL or a patterns of urls.
u need servlet2.3 supported server for this.
hope this helps
shrini
I have an business j2ee application run on oc4j. When the session timeout declared on the web.xml expire, i want to redirect automaticaly the user to my login.jsp to force him to reconnect. I try j_security_chek, but i want to restart the business application at the top and not to the page which are request. Somebody know who i can do this mechanism. I try too special tag in jsp, this run very good but i have to repeate this call on every page. I look for an other simply mechanism to that
Thanks

Detecting Session Timeout?

What are the techniques for detecting when a user's session has timed out using a JSF-based application and displaying a message to the user (.jspx, ADF BC, JDev 10.1.3.1)? Note I am not using a session-based bean, all beans are currently request-scope. I am storing information in a View Objects, so if the session times out, I lose that data and I need to notify the user.
For a production Internet application, this is a must. Any thoughts on approaches or code examples?
Thanks

The ADF documentation shows an example of using the poll component to raise a session timeout dialogue after a number of minutes.
About ADF Faces Poll

Session timeout while in a bounded taskflow.

Hi all,
I have ADFSecurity configured on project.
If a session timeout occurs while we are in view1,(click dialog ok button) is redirect to login.
If a session timeout occurs while we are in some-btf,(click dialog ok button) isn't redirect to login. White page with text Session expired appears.
How can we redirect to login when a session timeout occurs while we are in a bounded TF?
I already try to add servlet filter on the FacesServlet, but when i click on the ok button, the filter isn't called.
Using JDev 12.1.3
Thanks in advance.

Session expiry has changed in 12.1.3 (see https://java.net/jira/browse/ADFEMG-264).
Have you configured the session timeout warning?
How?
Do you use the filter approach?
Have you installed an error handler in the bounded task flow?
Timo

Error re-logging in after session timeout using form-based authentication

Hello,
We have a web app configured for form-based authentication. When the session times out, we're redirected to our login page as expected. However, after re-logging in, we are not redirected to the desired page (e.g., /faces/OurMainPage.jspx) but to /afr/page_lev_idle.gif.
Do we have to do anything special for session timeouts?
Thanks,
Rico

Some extra information that might help:
After re-logging in and we're in /afr/page_lev_idle.gif, we hit the browser Back button (showing the login page again) and then hit the browser Refresh/Reload button and voila we're at the page we expect to be.
Rico

Managed bean/Data exchange between two ADF Rich Faces based applications

Hi,
I have been trying to research what seems to be a small issue. My requirements are as follows.
1. I need to be able to pass managed bean information from one ADF Rich Faces based application to another (in two separate ears) at runtime (e.g. from Ear1: SenderApp/Sender.jspx -> Ear2: ReceiverApp/Receiver.jspx).
2. I do not want to use the database as my applications need to be performant.
3. Serialization/de-serialization would fall pretty much under the database category. In other words, I like to avoid Serialization/de-serialization of the managed bean.
4. I cannot use query string due to security issues.
My question is as follows:
1. Is there any standard/architecture/best practices for data exchange of backing beans or other forms between two ADF Rich Faces based apps (in two separate ears)?
2. Has someone found anything similar to an applicationScope that works across applications?
I would appreciate any ideas.
Thanks very much,
Edited by: user11219846 on Jul 23, 2009 2:38 PM
Edited by: user11219846 on Jul 23, 2009 2:42 PM

Hi,
its not an ADF Faces problem, but not possible in Java EE. You can however fallback to vendor specific implementations like in WLS. From the WebLogic documentation : http://e-docs.bea.com/wls/docs103/webapp/sessions.html
Enabling Web applications to share the same session*
By default, Web applications do not share the same session. If you would like Web applications to share the same session, you can configure the session descriptor at the application level in the weblogic-application.xml deployment descriptor. To enable Web applications to share the same session, set the sharing-enabled attribute in the session descriptor to true in the weblogic-application.xml deployment descriptor. See “sharing-enabled” in session-descriptor.
The session descriptor configuration that you specify at the application level overrides any session descriptor configuration that you specify at the Web application level for all of the Web applications in the application. If you set the sharing-enabled attribute to true at the Web application level, it will be ignored.
All Web applications in an application are automatically started using the same session instance if you specify the session descriptor in the weblogic-application.xml deployment descriptor and set the sharing-enabled attribute to true as in the following example:
+<?xml version="1.0" encoding="ISO-8859-1"?>+
+<weblogic-application xmlns="http://www.bea.com/ns/weblogic/90";;>+
+...+
<session-descriptor>
+<persistent-store-type>memory</persistent-store-type>+
+<sharing-enabled>true</sharing-enabled>+
+...+
+</session-descriptor>+
+...+
+</weblogic-application>+
Frank

Oracle.adf.view.faces.model classes and serializable

Some (most?) classes in oracle.adf.view.faces.model - e.g., ChildPropertyTreeModel - are not serializable. If these objects are given the "session" scope, this causes problems. For instance, in a clustered environment with failover/load-balancing, session attributes must be serialized to be replicated to all cluster members. Adding one of these object to the session causes the serialization - and therefore the replication - process to fail. Does anybody know why these classes are not marked as serializable?

Some (most?) classes in oracle.adf.view.faces.model - e.g., ChildPropertyTreeModel - are not serializable. If these objects are given the "session" scope, this causes problems. For instance, in a clustered environment with failover/load-balancing, session attributes must be serialized to be replicated to all cluster members. Adding one of these object to the session causes the serialization - and therefore the replication - process to fail. Does anybody know why these classes are not marked as serializable?

JSF 1.2 Session Timeout Issue

I am using using:
JSF- Sun RI (1.2)
Websphere (6.1)
Facelets (1.?)
RichFaces (3.3.2)
I am having an issue with session timeouts that shows up in two different ways:
Scenario 1) the client makes an ajax call after the session has timed out
Scenario 2) the client makes a standard request after the session has timed out - navigating to a new page
I seem to be able to address one or the other, but I can't seem to find a solution that fixes both scenarios.
For Scenario 1, I have the client-side A4J.AJAX.onExpired function defined and that is currently working for session timeouts that are discovered via an ajax request.
However, if I start making changes to try and address the other scenario, it seems to break the A4J javascript function.
For Scenario 2, I have tried a number of suggestions that I've found online:
1) I've tried to configure the error page in web.xml:
<error-page>
     <exception-type>javax.faces.application.ViewExpiredException</exception-type>
     <location>/timeout.jsf</location>
</error-page>
However, anything I seem to try around this solution still winds up with a ViewExpiredException. I've tried to have timeout.jsf redirect to the login page and I get a ViewExpiredException on the login page when the redirect happens. I've tried to just render a timeout page with a link the user can click on to go to the login page and that fails as well.
2) I've tried the phase listener and had little success too.
3) I tried a NavigationHandler
One thing I did have working, I believe, was with the phase listener approach, but I had a difficult time displaying a session timed out message upon redirect, but not the first time the user visited the page.
I'm relatively new to JSF and probably don't understand the app life cycle well enough, I guess, but is there a solution that addresses all of these issues:
1) works for AJAX calls
2) works for actual navigation
3) sends the user back to the login page with some indication as to "why", but gracefully handles the first visit to the login page (or a logout)
Thanks for any suggestions you can offer.

Sorry, but I have to disagree. Loading JavaScript at the beginning of your page would only make the page load slower (and "ruin" the user's experience when they see the page being loaded steadily) and also cause unforeseen issues than to leave it at the bottom of your page.
Big companies like Google (1999), Yahoo (2000), Oracle (2001) and many others are doing the opposite to what you have said. Look at the way they load their JavaScripts and you'll see.
It's also good practice to zip your content from the server before sending it to the client's web browser to increase performance. Of course, this will depend on whether your web browser supports methods such as gzip, deflate, etc... and whether you use HTTP or HTTPS.
Lastly, another bad practice I often see Java programmers do is write the following all over the places:
setString, setInt, setDouble, etcInstead of using an existing feature of Java to do the same in one procedure, as in:
public static void setParameters(PreparedStatement preparedStatement, Object... values)
   throws SQLException
   for (int i = 0; i < values.length; i++) {
      preparedStatement.setObject(i + 1, values);
Then just call *setParameters* whenever you need it instead of writing multiple setString, setInt, etc statements everywhere...

Handling JSF session timeouts

I'm having a problem when my session in jsf times out. I have a logoutBean that handles the logout functionality for my app. The problem comes in when the session expires after period of time with no activity on the app. If i try then call the logout() method in my logoutBean i get the following error in Tomcat5.5 listed below (this is only a short extract, the exception thrown is a lot longer) Any idea on how to check if the session has expired before you submit a request??
SEVERE: Managedbean TopBean could not be created Can't instantiate class: 'za.co
.vodacom.rms.frontend.bean.TopBean'.. class za.co.vodacom.rms.frontend.bean.TopB
ean : java.lang.NullPointerException
javax.faces.FacesException: Can't instantiate class: 'za.co.vodacom.rms.frontend
.bean.TopBean'.. class za.co.vodacom.rms.frontend.bean.TopBean : java.lang.NullP
ointerException
at com.sun.faces.config.ManagedBeanFactory.newInstance(ManagedBeanFactor
y.java:229)
at com.sun.faces.application.ApplicationAssociate.createAndMaybeStoreMan
agedBeans(ApplicationAssociate.java:306)
at com.sun.faces.el.VariableResolverImpl.resolveVariable(VariableResolve
rImpl.java:97)
at com.sun.faces.el.impl.NamedValue.evaluate(NamedValue.java:145)
at com.sun.faces.el.impl.ComplexValue.evaluate(ComplexValue.java:166)
at com.sun.faces.el.impl.ExpressionEvaluatorImpl.evaluate(ExpressionEval
uatorImpl.java:263)

Here's a listing of my bean :
public class TopBean {
     private UserBean userBean = null;
//some code other code
public void logoff() {
          HttpSession session = (HttpSession)FacesContext.getCurrentInstance().getExternalContext().getSession(false);
          if (session==null) {
               System.out.println("Session is null");
          } else {
               UserController userCon = new UserController();
               if (userCon.logoffUser(userBean)) {
                    System.out.println("successful logout");
               } else {
                    System.out.println("Unsuccessful logout");
I have a logoff button on a jsp page:
<h:commandButton image="images/logoff.gif" alt="Logoff" action="#{TopBean.logoff}" styleClass="linkButton" onclick="javascript:logoffConfirm()"/></td>
The session timeout is 30minutes
<session-config>
     <session-timeout>30</session-timeout>
</session-config>
If after the session times out, i decide to click on logoff so that my logged_on status in my database is updated it throws an exception that it cannot instantiate the class TopBean (i have a bit field in my user table logged_on that needs to get updated otherwise on next logged my app throws error with "user is already logged on"). My bean TopBean gets initialised directly after I log in to my app. As you can see i'm already trying to validate if the session is null, however before i can even call the method it throws "cannot instantiate class TopBean" exception. This indicates to me that once the session has expired, i clears what ever objects that were being held in that session

ADF Rich Faces Templates

Using oepe 12.1.2.3 kepler 4.3.
Tied to create a jsp page as in the tutorial
Problem is cannot find ADF Rich Faces Page in JSP Templates Page of Preferences Dialog.
When I click on the templates link, all the ADF rich faces are missing.
How can i import these templates and why are they missing in the first place.
Thank you

Thanks for the update. I am using 12.1.2.3
It seems that the tutorial manual needs to be updated since it says: "Right-click the WebContent node in the Project Explorer and select New > JSP file"
and not ADF Page as you suggested.
when I followed your suggestion, I did get the right templates but now I have run into another problem when trying to add the ADF faces form to the page.
After selecting the login bean created earlier, pressing The form action button does not allow the creation of a navigation case as suggested in the tutorial but gives
a blank popup with the title "select an action outcome". There are no fields to fill the navigation case.
thanks

ADF BC/ Faces - Logout exception

Hi,
I a have one project that does not exit the session properly using the method described in the ADF developers guide. This method is in a request scope managed bean which is called from a commandMenuItem.
the exception is thrown on session.invalidate();
    public String logout_action() throws IOException{
         ExternalContext ectx = FacesContext.getCurrentInstance().getExternalContext();
         HttpServletResponse response = (HttpServletResponse)ectx.getResponse();
         HttpSession session = (HttpSession)ectx.getSession(false);
         try {
             session.invalidate();
         catch (Exception e) {
               System.out.println("Warning: logout encountered and exception");
        response.sendRedirect("Console.jsp");
        return null;
    }    this is the exception:
06/11/21 10:57:40 [528] Reusing a cached session application module instance
06/11/21 10:57:40 [529] Reusing a cached session application module instance
06/11/21 10:57:41 [530] **** refreshControl() for BindingContainer :rft_ConsolePageDef
06/11/21 10:57:41 [531] Resolving VO:TravelRequestsView1 for iterator binding:TravelRequestsView1Iterator
06/11/21 10:57:41 [532] DCUtil, returning:oracle.adfinternal.view.faces.model.binding.FacesCtrlRangeBinding, for TravelRequestsView1
06/11/21 10:57:41 [533] Resolving VO:PersonsView1 for iterator binding:PersonsView1Iterator
06/11/21 10:57:41 [534] *** DCDataControl.sync() called from :DCBindingContainer.refresh
06/11/21 10:57:41 [535] *** DCDataControl.sync() called from :DCBindingContainer.refresh
06/11/21 10:57:41 [536] valiateToken:Decompressed BC state:BCST:=0TravelRequestsView1Iterator=-D-00010000000431313931,PersonsView1Iterator=-D-,
06/11/21 10:57:41 [537] TravelRequestsView1 notify ROLLBACK ...
06/11/21 10:57:41 [538] Clearing VO cache for TravelRequestsView1
06/11/21 10:57:41 [539] Clear QueryCollection in cache for VO TravelRequestsView1
06/11/21 10:57:41 [540] ApprovalPartiesView1 notify ROLLBACK ...
06/11/21 10:57:41 [541] Clearing VO cache for ApprovalPartiesView1
06/11/21 10:57:41 [542] Clear QueryCollection in cache for VO ApprovalPartiesView1
06/11/21 10:57:41 [543] Clearing VO cache for TravelRequestsView1
06/11/21 10:57:41 [544] Clear QueryCollection in cache for VO TravelRequestsView1
06/11/21 10:57:41 [545] Clearing VO cache for ApprovalPartiesView1
06/11/21 10:57:41 [546] Clear QueryCollection in cache for VO ApprovalPartiesView1
06/11/21 10:57:41 [547] Clearing VO cache for AdvisoriesView1
06/11/21 10:57:41 [548] Clear QueryCollection in cache for VO AdvisoriesView1
06/11/21 10:57:41 [549] Clearing VO cache for TravelRequestLinesView1
06/11/21 10:57:41 [550] Clear QueryCollection in cache for VO TravelRequestLinesView1
06/11/21 10:57:41 [551] Clearing VO cache for ResponsesView1
06/11/21 10:57:41 [552] Clear QueryCollection in cache for VO ResponsesView1
06/11/21 10:57:41 [553] Clearing VO cache for PersonsView1
06/11/21 10:57:41 [554] Clear QueryCollection in cache for VO PersonsView1
06/11/21 10:57:41 [555] Clearing VO cache for AllStaffView1
06/11/21 10:57:41 [556] Clear QueryCollection in cache for VO AllStaffView1
06/11/21 10:57:41 [557] Clearing EO cache for ecu.app.travel.TravelRequests
06/11/21 10:57:41 [558] Resetting AM=SystemService
06/11/21 10:57:41 [559] ViewObject: PersonsView1 close prepared statements...
06/11/21 10:57:41 [560] ViewObject: AllStaffView1 close prepared statements...
06/11/21 10:57:41 [561] Resetting AM=TravelRequestService
06/11/21 10:57:41 [562] ViewObject: TravelRequestsView1 close prepared statements...
06/11/21 10:57:41 [563] ViewObject: ApprovalPartiesView1 close prepared statements...
06/11/21 10:57:41 [564] ViewObject: AdvisoriesView1 close prepared statements...
06/11/21 10:57:41 [565] ViewObject: TravelRequestLinesView1 close prepared statements...
06/11/21 10:57:41 [566] ViewObject: ResponsesView1 close prepared statements...
06/11/21 10:57:41 [567] SessionCookieImpl SSOUSER banstey
06/11/21 10:57:41 [568] SessionCookieImpl SSOSUBSCRIBER null
06/11/21 10:57:41 [569] SessionCookieImpl User Principal oracle.security.jazn.oc4j.JAZNUserAdaptor
06/11/21 10:57:41 [570] Failed to create BindingContainer from reference :rft_ConsolePageDef
06/11/21 10:57:41 [571] java.lang.NullPointerException
     at oracle.adf.share.http.HttpUtil.getAttribute(HttpUtil.java:98)
     at oracle.adf.share.http.HttpSessionScopeAdapter.get(HttpSessionScopeAdapter.java:240)
     at oracle.adf.share.statemanager.StateManagerScopeAdapter.<init>(StateManagerScopeAdapter.java:88)
     at oracle.adf.share.http.HttpStateManagerScopeAdapter.<init>(HttpStateManagerScopeAdapter.java:51)
     at oracle.adf.share.http.ServletADFContext.getStateManager(ServletADFContext.java:254)
     at oracle.adf.model.bc4j.DataControlFactoryImpl.findOrCreateSessionCookie(DataControlFactoryImpl.java:158)
     at oracle.adf.model.bc4j.DataControlFactoryImpl.createSession(DataControlFactoryImpl.java:222)
     at oracle.adf.model.binding.DCDataControlReference.getDataControl(DCDataControlReference.java:76)
     at oracle.adf.model.BindingContext.get(BindingContext.java:457)
     at oracle.adf.model.binding.DCUtil.findSpelObject(DCUtil.java:280)
     at oracle.adf.model.binding.DCUtil.findSpelObject(DCUtil.java:248)
     at oracle.adf.model.binding.DCUtil.findContextObject(DCUtil.java:383)
     at oracle.adf.model.binding.DCIteratorBinding.<init>(DCIteratorBinding.java:128)
     at oracle.jbo.uicli.binding.JUIteratorBinding.<init>(JUIteratorBinding.java:60)
     at oracle.jbo.uicli.binding.JUIteratorDef.createIterBinding(JUIteratorDef.java:87)
     at oracle.jbo.uicli.binding.JUIteratorDef.createIterBinding(JUIteratorDef.java:51)
     at oracle.adf.model.binding.DCIteratorBindingDef.createExecutableBinding(DCIteratorBindingDef.java:277)
     at oracle.adf.model.binding.DCBindingContainerDef.createExecutables(DCBindingContainerDef.java:296)
     at oracle.adf.model.binding.DCBindingContainerDef.createBindingContainer(DCBindingContainerDef.java:425)
     at oracle.adf.model.binding.DCBindingContainerReference.createBindingContainer(DCBindingContainerReference.java:54)
     at oracle.adf.model.binding.DCBindingContainerReference.getBindingContainer(DCBindingContainerReference.java:44)
     at oracle.adf.model.BindingContext.get(BindingContext.java:483)
     at oracle.adf.model.binding.DCBindingContainer.release(DCBindingContainer.java:1913)
     at oracle.adf.model.binding.DCDataControl.release(DCDataControl.java:1551)
     at oracle.adf.model.bc4j.DCJboDataControl.release(DCJboDataControl.java:468)
     at oracle.adf.model.binding.DCDataControl.release(DCDataControl.java:1482)
     at oracle.adf.model.BindingContext.release(BindingContext.java:270)
     at oracle.adf.model.servlet.HttpBindingContext.valueUnbound(HttpBindingContext.java:36)
     at com.evermind.server.http.EvermindHttpSession.destroy(EvermindHttpSession.java:454)
     at com.evermind.server.http.EvermindHttpSession.invalidate(EvermindHttpSession.java:396)
     at ecu.app.ui.managed.TravelSession.logout_action(TravelSession.java:21)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:585)
     at com.sun.faces.el.MethodBindingImpl.invoke(MethodBindingImpl.java:126)
     at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:72)
     at oracle.adf.view.faces.component.UIXCommand.broadcast(UIXCommand.java:211)
     at oracle.adf.view.faces.component.UIXCollection.broadcast(UIXCollection.java:95)
     at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:269)
     at javax.faces.component.UIViewRoot.processDecodes(UIViewRoot.java:327)
     at com.sun.faces.lifecycle.ApplyRequestValuesPhase.execute(ApplyRequestValuesPhase.java:79)
     at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:200)
     at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:90)
     at javax.faces.webapp.FacesServlet.service(FacesServlet.java:213)
     at com.evermind.server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:64)
     at oracle.adfinternal.view.faces.webapp.AdfFacesFilterImpl._invokeDoFilter(AdfFacesFilterImpl.java:231)
     at oracle.adfinternal.view.faces.webapp.AdfFacesFilterImpl._doFilterImpl(AdfFacesFilterImpl.java:200)
     at oracle.adfinternal.view.faces.webapp.AdfFacesFilterImpl.doFilter(AdfFacesFilterImpl.java:122)
     at oracle.adf.view.faces.webapp.AdfFacesFilter.doFilter(AdfFacesFilter.java:106)
     at com.evermind.server.http.EvermindFilterChain.doFilter(EvermindFilterChain.java:15)
     at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:162)
     at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:619)
     at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:368)
     at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:866)
     at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:448)
     at com.evermind.server.http.HttpRequestHandler.serveOneRequest(HttpRequestHandler.java:216)
     at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:117)
     at com.evermind.server.http.HttpRequestHandler.run(HttpRequestHandler.java:110)
     at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)
     at oracle.oc4j.network.ServerSocketAcceptHandler.procClientSocket(ServerSocketAcceptHandler.java:239)
     at oracle.oc4j.network.ServerSocketAcceptHandler.access$700(ServerSocketAcceptHandler.java:34)
     at oracle.oc4j.network.ServerSocketAcceptHandler$AcceptHandlerHorse.run(ServerSocketAcceptHandler.java:880)
     at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
     at java.lang.Thread.run(Thread.java:595)if i look at the OC4J log in debug mode in another project that doesn't have this problem the logout stops after "close prepared statements..." for each of the View Objects. But for this application it seems to try to reload the pageDef after destroying everything... If i redirect to something other than Console.jsp the exception is still thrown on rft_ConsolePageDef
Note, login page is displayed after this and i can re-login ok.
any help would be appreciated.
regards,
Brenden

One small bug was fixed in the 10.1.3.1 version of the SRDemo (both ADFBC and other version)...
The SRLogout.java class now looks like this:
public class SRLogout {
   * Logout by invalidating the session and redirecting to the home page
   * The container will ask user to re-authenticate automatically.
   * @return null
   * @throws IOException
public String logoutButton_action() throws IOException{
    FacesContext ctx = FacesContext.getCurrentInstance();
    ExternalContext ectx = ctx.getExternalContext();
    HttpServletResponse response = (HttpServletResponse)ectx.getResponse();
    HttpSession session = (HttpSession)ectx.getSession(false);
    session.invalidate();
    response.sendRedirect("SRWelcome.jspx");
    // Tell faces that we're handling the navigation from here and that there
    // is no need for a new context to be created
    ctx.responseComplete();
    return null;
}The one change was the addition of the ctx.responseComplete() call.
Does adding that to your example improve the situation at all?

Webcenter Spaces internal error page and session timeout page customization

Hi
On what basis is an internal error page shown in webcenter spaces? What triggers it?
Is it possible to customize the internal error page that shows up on webcenter spaces?
Or atleast redirect to a custom error page on any exception occured?
Is there any other way to handle it?
Also, how to customize the session timeout page? Is it possible?
There seems to be a servlet being called for session timeout display i dont see any page being redirected to.
Environment details: Webcenter Spaces 11.1.1.6
Help needed on this asap please.
Thanks

Hi,
I was experiencing the same problem with customizing the session timeout page. I found out that you can set a custom webcenter attribute in the webcenter-config.xml called "wcSessionTimeoutURL" which overrides the default servlet response and redirects the the specified path.
In my example, I created a business role page, set it to be publically accessible, then used the Red Samurai MDS Cleaner taskflow to modify the custom attributes in webcenter-config.xml in the following way:
<webcenter:custom-attributes>
<attribute name="wcSessionTimeoutPeriod">
<description/>
<type>java.lang.String</type>
<value>45</value>
<visible/>
</attribute>
*<attribute name="wcSessionTimeoutURL">*
*<description/>*
*<type>java.lang.String</type>*
*<value>/faces/oracle/webcenter/page/scopedMD/s8bba98ff_4cbb_40b8_beee_296c916a23ed/businessRolePages/Page1.jspx</value>*
*<visible/>*
*</attribute>*
</webcenter:custom-attributes>
Hope that helps!

ADF BC/ Faces - Session Timeouts in dialogs

Similar Messages

Maybe you are looking for