?x=y arguments to URLs, sessions and JSF

Similar Messages

• Reset JSF session and the managed beans with sesison scope

  Hi,
  this is a very general question and maybe stupid for most of you. I have my jsf/facelets web application and i use inside of this application some managed beans, which are session beans. I want to know how is it possible to reset this beans. I'm asking this question beacuse i have this kind of problem: i built my web application which has a login form and i use the browser to test it. When i browse to the login page and I login with my credentials i get my customized home page. Then i open another istance of the browser and i browse to the login page again but this time i login as a different user. The result home page is the same as i got before with my login credentials, so the session is always the same. Instead i want the session and all its objects to be resetted for the new user! Do youn know which is the solution?

  The fact is that i want to have two sessions in parallel, so using the same browser and opening two tabs, i want to browse to the login page and access as two totaly different users and using in parallel the application without the problem of one user's action affecting the other user beacuse of session sharing. So I want to force the application to create two different session for the two users logins, because as i told you before as it is now, they are sharing the same sesison. And i think that if i at the login time I iterate thorugh the session and delete all the objects i will be able to have only one session per time. Isn't it?

• Cookies, URL-Rewriting, and Sessions

  Hi All,
  I am aware that this is probably a question that has been asked many times in the past. Nonetheless, I have not been able to fully comprehend the differences. Therefore I would appreciate it, if someone could kindly spend some time explaining the differences between the three and when each would be the most preferred solution. ( cookies, url rewriting and sessions )
  So far what I understand is that, cookies can be used to store small amounts of data not more than 4kb, and that most browsers can not accept more than 20 at a time.... but would it be correct to say that the data is stored within the http headers ?
  URL rewriting, on the other hand is a method which can be used if cookies have been disabled by a browser. The 'session id' is appended to the url, and used to remember the data. ( how ? ). Although, it does mean that the programmer has to be very careful and ensure that rewriting occurs everytime it is passed to the browser, including redirection. ( whatever that means ? )
  Http sessions, seem to be the best solution out of the three ( but if this is the case, why are cookies and rewriting still hanging around today ? And even being taught at universities ? ). Also, they work on top of cookies and if these have been disabled sessions will not work !! ....
  As you can see ( from the above ) I do not have a thorough understanding of the three methods, especially if it comes to specifying the differences between the three.
  I would appreciate an explanation.

  HttpSessions use cookies or url rewritting to pass the session id which the server uses to associate a particular session with a particular request. A well developed web application will be written to use url rewriting when a client has cookies disabled. That being said I yet to see such a web application and personally believe that few people still disable cookies.
  Cookies still have uses.
  Persistant cookies are used to store data that needs to persist between sessions. This data is stored by the browser in a text files and passed to the server in the header. An example of this would be a site that offers personalization would store the user's id so that each time the user accesses the site he would see his personalization without being required to log in. Yahoo is a good example.
  In memory cookies are stored in the browser's memory and is used to store temporary data that goes away when the browser closes. Again this data gets passed to the server in the headers. Temporary cookies can be used to pass data between seperate web applications runing on the same host where storing the data in the session will not because each application has it's own session.

• HOW TO MANAGE THE SESSION IN JSF 2.0

  Hi to All.
  I need your help, I am beginner in JSF 2.0, and wanted to know how the sessions work on jsf 2.0?. If you could send a small example.
  I need my web application is safe, for example I have a web page users.xhtml to this web page must be entered after the login.xhtml loggedin and redirect if it is not.
  On the other hand need to handle logout in my web application.
  I hope I can help.
  I thank you in advance for your help.
  Greetings.

  This may help you...
  1. What is Session Tracking?
  There are a number of problems that arise from the fact that HTTP is a "stateless" protocol. In particular, when you are doing on-line shopping, it is a real annoyance that the Web server can't easily remember previous transactions. This makes applications like shopping carts very problematic: when you add an entry to your cart, how does the server know what's already in your cart? Even if servers did retain contextual information, you'd still have problems with e-commerce. When you move from the page where you specify what you want to buy (hosted on the regular Web server) to the page that takes your credit card number and shipping address (hosted on the secure server that uses SSL), how does the server remember what you were buying?
  There are three typical solutions to this problem.
  1. Cookies. You can use HTTP cookies to store information about a shopping session, and each subsequent connection can look up the current session and then extract information about that session from some location on the server machine. This is an excellent alternative, and is the most widely used approach. However, even though servlets have a high-level and easy-to-use interface to cookies, there are still a number of relatively tedious details that need to be handled:
  * Extracting the cookie that stores the session identifier from the other cookies (there may be many, after all),
  * Setting an appropriate expiration time for the cookie (sessions interrupted by 24 hours probably should be reset), and
  * Associating information on the server with the session identifier (there may be far too much information to actually store it in the cookie, plus sensitive data like credit card numbers should never go in cookies).
  2. URL Rewriting. You can append some extra data on the end of each URL that identifies the session, and the server can associate that session identifier with data it has stored about that session. This is also an excellent solution, and even has the advantage that it works with browsers that don't support cookies or where the user has disabled cookies. However, it has most of the same problems as cookies, namely that the server-side program has a lot of straightforward but tedious processing to do. In addition, you have to be very careful that every URL returned to the user (even via indirect means like Location fields in server redirects) has the extra information appended. And, if the user leaves the session and comes back via a bookmark or link, the session information can be lost.
  3. Hidden form fields. HTML forms have an entry that looks like the following: <INPUT TYPE="HIDDEN" NAME="session" VALUE="...">. This means that, when the form is submitted, the specified name and value are included in the GET or POST data. This can be used to store information about the session. However, it has the major disadvantage that it only works if every page is dynamically generated, since the whole point is that each session has a unique identifier.
  Servlets provide an outstanding technical solution: the HttpSession API. This is a high-level interface built on top of cookies or URL-rewriting. In fact, on many servers, they use cookies if the browser supports them, but automatically revert to URL-rewriting when cookies are unsupported or explicitly disabled. But the servlet author doesn't need to bother with many of the details, doesn't have to explicitly manipulate cookies or information appended to the URL, and is automatically given a convenient place to store data that is associated with each session.
  2. The Session Tracking API
  Using sessions in servlets is quite straightforward, and involves looking up the session object associated with the current request, creating a new session object when necessary, looking up information associated with a session, storing information in a session, and discarding completed or abandoned sessions.
  2.1 Looking up the HttpSession object associated with the current request.
  This is done by calling the getSession method of HttpServletRequest. If this returns null, you can create a new session, but this is so commonly done that there is an option to automatically create a new session if there isn't one already. Just pass true to getSession. Thus, your first step usually looks like this:
  HttpSession session = request.getSession(true);
  2.2 Looking up Information Associated with a Session.
  HttpSession objects live on the server; they're just automatically associated with the requester by a behind-the-scenes mechanism like cookies or URL-rewriting. These session objects have a builtin data structure that let you store any number of keys and associated values. In version 2.1 and earlier of the servlet API, you use getValue("key") to look up a previously stored value. The return type is Object, so you have to do a typecast to whatever more specific type of data was associated with that key in the session. The return value is null if there is no such attribute. In version 2.2, getValue is deprecated in favor of getAttribute, both because of the better naming match with setAttribute (the match for getValue is putValue, not setValue), and because setAttribute lets you use an attached HttpSessionBindingListener to monitor values, while putValue doesn't. Nevertheless, since few commercial servlet engines yet support version 2.2, I'll use getValue in my examples. Here's one representative example, assuming ShoppingCart is some class you've defined yourself that stores information on items being purchased.
  HttpSession session = request.getSession(true);
  ShoppingCart previousItems =
  (ShoppingCart)session.getValue("previousItems");
  if (previousItems != null) {
  doSomethingWith(previousItems);
  } else {
  previousItems = new ShoppingCart(...);
  doSomethingElseWith(previousItems);
  In most cases, you have a specific attribute name in mind, and want to find the value (if any) already associated with it. However, you can also discover all the attribute names in a given session by calling getValueNames, which returns a String array. In version 2.2, use getAttributeNames, which has a better name and which is more consistent in that it returns an Enumeration, just like the getHeaders and getParameterNames methods of HttpServletRequest.
  Although the data that was explicitly associated with a session is the part you care most about, there are some other pieces of information that are sometimes useful as well.
  * getId. This method returns the unique identifier generated for each session. It is sometimes used as the key name when there is only a single value associated with a session, or when logging information about previous sessions.
  * isNew. This returns true if the client (browser) has never seen the session, usually because it was just created rather than being referenced by an incoming client request. It returns false for preexisting sessions.
  * getCreationTime. This returns the time, in milliseconds since the epoch, at which the session was made. To get a value useful for printing out, pass the value to the Date constructor or the setTimeInMillis method of GregorianCalendar.
  * getLastAccessedTime. This returns the time, in milliseconds since the epoch, at which the session was last sent from the client.
  * getMaxInactiveInterval. This returns the amount of time, in seconds, that a session should go without access before being automatically invalidated. A negative value indicates that the session should never timeout.
  2.3 Associating Information with a Session
  As discussed in the previous section, you read information associated with a session by using getValue (or getAttribute in version 2.2 of the servlet spec). To specify information, you use putValue (or setAttribute in version 2.2), supplying a key and a value. Note that putValue replaces any previous values. Sometimes that's what you want (as with the referringPage entry in the example below), but other times you want to retrieve a previous value and augment it (as with the previousItems entry below). Here's an example:
  HttpSession session = request.getSession(true);
  session.putValue("referringPage", request.getHeader("Referer"));
  ShoppingCart previousItems =
  (ShoppingCart)session.getValue("previousItems");
  if (previousItems == null) {
  previousItems = new ShoppingCart(...);
  String itemID = request.getParameter("itemID");
  previousItems.addEntry(Catalog.getEntry(itemID));
  // You still have to do putValue, not just modify the cart, since
  // the cart may be new and thus not already stored in the session.
  session.putValue("previousItems", previousItems);
  3. Example: Showing Session Information
  Here is a simple example that generates a Web page showing some information about the current session. You can also download the source or try it on-line.
  package hall;
  import java.io.*;
  import javax.servlet.*;
  import javax.servlet.http.*;
  import java.net.*;
  import java.util.*;
  /** Simple example of session tracking. See the shopping
  * cart example for a more detailed one.
  * <P>
  * Part of tutorial on servlets and JSP that appears at
  * http://www.apl.jhu.edu/~hall/java/Servlet-Tutorial/
  * 1999 Marty Hall; may be freely used or adapted.
  public class ShowSession extends HttpServlet {
  public void doGet(HttpServletRequest request,
  HttpServletResponse response)
  throws ServletException, IOException {
  HttpSession session = request.getSession(true);
  response.setContentType("text/html");
  PrintWriter out = response.getWriter();
  String title = "Searching the Web";
  String heading;
  Integer accessCount = new Integer(0);;
  if (session.isNew()) {
  heading = "Welcome, Newcomer";
  } else {
  heading = "Welcome Back";
  Integer oldAccessCount =
  // Use getAttribute, not getValue, in version
  // 2.2 of servlet API.
  (Integer)session.getValue("accessCount");
  if (oldAccessCount != null) {
  accessCount =
  new Integer(oldAccessCount.intValue() + 1);
  // Use putAttribute in version 2.2 of servlet API.
  session.putValue("accessCount", accessCount);
  out.println(ServletUtilities.headWithTitle(title) +
  "<BODY BGCOLOR=\"#FDF5E6\">\n" +
  "<H1 ALIGN=\"CENTER\">" + heading + "</H1>\n" +
  "<H2>Information on Your Session:</H2>\n" +
  "<TABLE BORDER=1 ALIGN=CENTER>\n" +
  "<TR BGCOLOR=\"#FFAD00\">\n" +
  " <TH>Info Type<TH>Value\n" +
  "<TR>\n" +
  " <TD>ID\n" +
  " <TD>" + session.getId() + "\n" +
  "<TR>\n" +
  " <TD>Creation Time\n" +
  " <TD>" + new Date(session.getCreationTime()) + "\n" +
  "<TR>\n" +
  " <TD>Time of Last Access\n" +
  " <TD>" + new Date(session.getLastAccessedTime()) + "\n" +
  "<TR>\n" +
  " <TD>Number of Previous Accesses\n" +
  " <TD>" + accessCount + "\n" +
  "</TABLE>\n" +
  "</BODY></HTML>");
  public void doPost(HttpServletRequest request,
  HttpServletResponse response)
  throws ServletException, IOException {
  doGet(request, response);
  }

• How to get values from a query string in URL in a jsf page?

  if i have a url, http://my.com/?name=john+smith, how do i get the values from that url in a jsf page and then pass those values to a servlet?
  i know how to do that in jsp using "request.getParamter("name")" and save it in a bean and then forward to a servlet. But what about in jsf?

  Hello,
  Try this:
  Map requestMap = FacesContext.getCurrentInstance().getExternalContext().getRequestMap();
  String name = (String) requestMap.get("name");If isn't worked one of these methods probably will solve your problem.
  FacesContext.getCurrentInstance().getExternalContext().getRequestParameterMap();
  FacesContext.getCurrentInstance().getExternalContext().getRequestHeaderMap();hth.

• Web session and authentification session pb with wl6.0

  Hi,
  I am evaluating weblogic 6.0 on windows 2000.
  I have a little web application, with some URL (html, servlet...), I want to protect.
  So I defined a <security-constraint> element in my web.xml
  file, and I binded the logical roles with real participant in
  weblogic.xml
  It works very well at startup. I launch a browser, request a protected URL and the
  authentification window popup. I enter valid info and I can access my URL.
  Perfect.
  Now I want to give the possibility to my user to terminate a session, to disconmect,
  so I had a button, (disconnect) which invoque a servlet which get the current session
  and invalidate it.
  I checked, the session is destroyed and a new one is defined (new ID, new counter...),
  but my user are still connected. It means that if I want to acces a protected URL,
  I still can do it.
  more strange. In both a secured and unsecured page I print the User Principal. When
  I connect, the two pages print the same and right value.
  But if I disconnect, the unsecured page print null(no connection for this session)
  and the secured page print the principal I used to connect in the previous message.
  I know this message is a little bit long, but I tried to give the cleares context.
  Has anyone ancountered that kind of problem? Is there a solution.
  I pass the test with netscape 4.76, netscape 6.01, Internet Explorer 5.50. I got
  the same behavior each time...
  Thanks
  Nicolas

  If you use a Form to authenticate then the browser is unaware of the
  username and password. The PetStore demonstrates how it's done in
  ..\samples\petStore\source\com\bea\estore\util\WLSecurityAdapter.java
  "Nicolas GANDRIAU" <[email protected]> wrote in message
  news:[email protected]...
  >
  Hi John,
  thank you for your answer. It confirmed my first guess, that the
  browser keep the secret info and send them back to the server.
  The server does not make any attachment with the current session.
  But you talk about a "ServletAuthentication" example which presents theway to bind
  the login info in the session. I have not found this servlet, in weblogic6.0 distribution
  or J2EE API.
  Can you give me the exact reference of this servlet.
  Thank you for your help.
  Nicolas
  "John Lindwall" <[email protected]> wrote:
  Nicolas,
  It is my understanding that the authentication information for this
  scenario
  (ie HTTP BASIC authentication) is not contained in the session -- it is
  maintained by the browser and resent with every request. That is why
  invalidating the session makes no difference. If you have a HTTPsnooping
  utility you will see the "Authorization" information (albeit encodedusing
  BASE64) present in the requests from your browser to the server.
  FYI: I've noticed that by using the ServletAuthentication class tomanually
  perform authentication, it DOES in fact store the authentication info in
  the
  session. There is a "done()" method in this class which removes thisinfo
  from the session (ie performs a logout).
  If this link reproduces properly, check it out -- it's a good simple
  explanation of what's going on:
  http://www.support.lotus.com/sims2.nsf/852561c1006719a98525614100588964/877
  a
  0ac029a78f8a8525645f0069a34d?OpenDocument
  For tons of detail on BASIC authentication see
  ftp://ftp.isi.edu/in-notes/rfc2617.txt
  John
  Nicolas GANDRIAU <[email protected]> wrote in message
  news:[email protected]...
  Hi,
  I am evaluating weblogic 6.0 on windows 2000.
  I have a little web application, with some URL (html, servlet...), I
  want
  to protect.
  So I defined a <security-constraint> element in my web.xml
  file, and I binded the logical roles with real participant in
  weblogic.xml
  It works very well at startup. I launch a browser, request a protectedURL
  and the
  authentification window popup. I enter valid info and I can access myURL.
  Perfect.
  Now I want to give the possibility to my user to terminate a session,to
  disconmect,
  so I had a button, (disconnect) which invoque a servlet which get thecurrent session
  and invalidate it.
  I checked, the session is destroyed and a new one is defined (new ID,new
  counter...),
  but my user are still connected. It means that if I want to acces aprotected URL,
  I still can do it.
  more strange. In both a secured and unsecured page I print the UserPrincipal. When
  I connect, the two pages print the same and right value.
  But if I disconnect, the unsecured page print null(no connection for
  this
  session)
  and the secured page print the principal I used to connect in the
  previous
  message.
  I know this message is a little bit long, but I tried to give the
  cleares
  context.
  Has anyone ancountered that kind of problem? Is there a solution.
  I pass the test with netscape 4.76, netscape 6.01, Internet Explorer
  5.50.
  I got
  the same behavior each time...
  Thanks
  Nicolas

• Tomcat 6.0.9 and jsf 1.2 and jstl 1.2 using *.tag file error

  I using :tomcat 6.0.9 and jsf 1.2 and jstl 1.2
  My web.xml is at version 2.5 and I am using a custom tag (with the .tag extension). I am trying to use the http://java.sun.com/jsf/html library and values from my attribute. I'm new to this so I figure I must just me missing something.
  I am run http://192.168.1.1/test.jsf laster,view:
  HTTP Status 500 -
  type Exception report
  message
  description The server encountered an internal error () that prevented it from fulfilling this request.
  exception
  org.apache.jasper.JasperException: Unable to compile class for JSP:
  Stacktrace:
       org.apache.jasper.compiler.DefaultErrorHandler.javacError(DefaultErrorHandler.java:85)
       org.apache.jasper.compiler.ErrorDispatcher.javacError(ErrorDispatcher.java:330)
       org.apache.jasper.compiler.JDTCompiler.generateClass(JDTCompiler.java:415)
       org.apache.jasper.compiler.Compiler.compile(Compiler.java:308)
       org.apache.jasper.compiler.Compiler.compile(Compiler.java:286)
       org.apache.jasper.compiler.Compiler.compile(Compiler.java:273)
       org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:566)
       org.apache.jasper.servlet.JspServletWrapper.loadTagFile(JspServletWrapper.java:212)
       org.apache.jasper.compiler.TagFileProcessor.loadTagFile(TagFileProcessor.java:576)
       org.apache.jasper.compiler.TagFileProcessor.access$000(TagFileProcessor.java:50)
       org.apache.jasper.compiler.TagFileProcessor$TagFileLoaderVisitor.visit(TagFileProcessor.java:627)
       org.apache.jasper.compiler.Node$CustomTag.accept(Node.java:1507)
       org.apache.jasper.compiler.Node$Nodes.visit(Node.java:2336)
       org.apache.jasper.compiler.Node$Visitor.visitBody(Node.java:2386)
       org.apache.jasper.compiler.TagFileProcessor$TagFileLoaderVisitor.visit(TagFileProcessor.java:631)
       org.apache.jasper.compiler.Node$CustomTag.accept(Node.java:1507)
       org.apache.jasper.compiler.Node$Nodes.visit(Node.java:2336)
       org.apache.jasper.compiler.Node$Visitor.visitBody(Node.java:2386)
       org.apache.jasper.compiler.Node$Visitor.visit(Node.java:2392)
       org.apache.jasper.compiler.Node$Root.accept(Node.java:489)
       org.apache.jasper.compiler.Node$Nodes.visit(Node.java:2336)
       org.apache.jasper.compiler.TagFileProcessor.loadTagFiles(TagFileProcessor.java:645)
       org.apache.jasper.compiler.Compiler.generateJava(Compiler.java:190)
       org.apache.jasper.compiler.Compiler.compile(Compiler.java:306)
       org.apache.jasper.compiler.Compiler.compile(Compiler.java:286)
       org.apache.jasper.compiler.Compiler.compile(Compiler.java:273)
       org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:566)
       org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:308)
       org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:320)
       org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266)
       javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
       com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:414)
       com.sun.faces.application.ViewHandlerImpl.executePageToBuildView(ViewHandlerImpl.java:455)
       com.sun.faces.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:139)
       com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:108)
       com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:266)
       com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:159)
       javax.faces.webapp.FacesServlet.service(FacesServlet.java:245)
  note The full stack trace of the root cause is available in the Apache Tomcat/6.0.9 logs.
  if go to /WEB-INF/tags/test.tag ,delete line: <h:outputText id="test" value="hello!" />
  run http://192.168.1.1/test.jsf is OK!(no error),So I guess error for "<h:outputText id="test" value="hello!" />" line ,why in test.tag file do can't use the "http://java.sun.com/jsf/html " library,please help me.......
  Here is file WEB-INF/web.xml content:
  <?xml version="1.0" encoding="ISO-8859-1"?>
  <!--
  Licensed to the Apache Software Foundation (ASF) under one or more
  contributor license agreements. See the NOTICE file distributed with
  this work for additional information regarding copyright ownership.
  The ASF licenses this file to You under the Apache License, Version 2.0
  (the "License"); you may not use this file except in compliance with
  the License. You may obtain a copy of the License at
  http://www.apache.org/licenses/LICENSE-2.0
  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  See the License for the specific language governing permissions and
  limitations under the License.
  -->
  <web-app xmlns="http://java.sun.com/xml/ns/j2ee"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_5.xsd"
  version="2.5">
  <display-name>Welcome to Tomcat</display-name>
  <description>
  Welcome to Tomcat
  </description>
  <!-- Faces Servlet -->
  <servlet>
       <servlet-name>Faces Servlet</servlet-name>
       <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
       <load-on-startup> 1 </load-on-startup>
  </servlet>
  <!-- Faces Servlet Mapping -->
  <servlet-mapping>
       <servlet-name>Faces Servlet</servlet-name>
       <url-pattern>*.jsf</url-pattern>
  </servlet-mapping>
  </web-app>
  Here is file /test.jsp code:
  <%@ page contentType="text/html;charset=UTF-8" %>
  <%@ taglib prefix="tags" tagdir="/WEB-INF/tags" %>
  <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
  <%@ taglib uri="http://java.sun.com/jsf/core" prefix="f" %>
  <%@ taglib uri="http://java.sun.com/jsf/html" prefix="h" %>
  <f:view>
  <html>
  <head>
  <title>test</title>
  </head>
  <body>
  <!-- body start -->
  <h:outputText id="myinfo" value="test success" />
  <tags:test/>
  <!-- body end -->
  </body>
  </html>
  </f:view>
  Here is file /WEB-INF/tags/test.tag code:
  <%@tag pageEncoding="UTF-8"%>
  <%@taglib prefix="f" uri="http://java.sun.com/jsf/core"%>
  <%@taglib prefix="h" uri="http://java.sun.com/jsf/html"%>
  <h:outputText id="test" value="hello!" />
  Thanks for any help.

  Don't know if it's important, but there is no schema avaiable at: http://java.sun.com/xml/ns/j2ee/web-app_2_5.xsd
  I found the right one at: http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd
  /perty
  Message was edited by:
  perajonsson

• How to attach data to url of a jsf page in sun creator

  Can somebody tell me how to attach data to url of a jsf page for example String url="http://w-ngphc-0672.ng.ad.ep.corp.local:8080/Questionnaire/QuestionnaireConnector.jsp?ticket_id="+C.getTicket_id(); accesing this url uses value of C.getTicket_id() and populate the jsp page. How can I achieve this using jsf page in sun creator .
  I'm developing a workflow where url is sent to people and on clicking of the url it takes them to the form of the particular sender with its id attached to the url of the page.

  Here's how I do something similar:
  <ui:hyperlink binding="#{dfrReviewPage.hyperlink4}" id="hyperlink4" style="text-decoration: line-through"
                                                  text="DFR #{currentRow.value['d1.replacesdfr']}"
                                                  url="/getReport/DFR#{currentRow.value['d1.replacesdfr']}.pdf?reportId=#{currentRow.value['d3.replacesformat']}&exportType=0&id=#{currentRow.value['d1.replacesdfr']}" visible="#{currentRow.value['d1.replacesdfr']!=null}"/>As you probably gathered from the currentRow var this is embedded in a table but it could be bound to any bean type object.

• Struts and JSF Integration in OPDk-java based portlet

  Hi,
  thanks in advance for your help.
  I'm developing a PDK java based portlet. For some reasons I cannot use the JSF bridge but I would like to integrate Struts and Jsf in my portlet, using Struts to manage actions and navigation and JSF (with ADF Faces components) for the view. I'm using the Strus-Faces library.
  When I try to submit my portlet form, I receive the error "request URL not found on this server". I'm posting some exstracts of my code.
  It's made of three pages: the main one "Integration1ShowPage", "error" and "result". The MainAction.java displays my mainPage, where there's a form. To keep it easy, when the user submits this form, the ActionName returns "success" and the "result" page should be displayed.
  The MainAction works properly: the portlet is displayed but when I tried to submit the form I receive
  The requested URL /provaDeploy/htdocs/integration1/integration1ShowPage.do was not found on this server.Could you please suggest me something?
  Many many thanks,
  B.
  <struts-config>
  <action-mappings>
    <action path = "/mainAction" type = "strutsjsfintegration1.MainAction">
      <forward name = "success" path = "/faces/htdocs/integration1/integration1ShowPage.faces"/>
    </action>
    <action path = "/nameAction" name = "nameForm"
    input = "/faces/htdocs/integration1/integration1ShowPage.faces" scope = "request"
    type = "strutsjsfintegration1.NameAction">
      <forward name = "success" path = "/faces/htdocs/integration1/result.faces"/>
      <forward name = "failure" path = "/faces/htdocs/integration1/error.faces"/>
      <forward name = "again" path = "faces/htdocs/integration1/integration1ShowPage.faces"/>
    </action>
  </action-mappings>
  <controller>
    <set-property property = "processorClass"
     value="org.apache.struts.faces.application.FacesRequestProcessor"/>
     </controller>
  <message-resources parameter="definitiveStrutsPortlet.ApplicationResources"/>
  </struts-config>

  Hi,
  have a look at this whitepaper for how to use JavaScript in ADF.
  http://www.oracle.com/technetwork/developer-tools/jdev/1-2011-javascript-302460.pdf
  This link here (http://www.oracle.com/technetwork/developer-tools/adf/learnmore/index-101235.html --> see sample 71) shows an integration sample between a Java Applet and ADF. Its a similar use case to yours
  Frank

• URL Session Tracking

  Hi,
  i want to make a group of JSP pages in a Web App, but assuming that the browser doesn't accept cookies.
  Is there anyway that i don't have to indicate every link as
  response.encodeUrl("index.jsp")I've heard something about a <url-session-tracking/> tag, but i've tried to put in the web.xml file, but it doesn't work.
  I just want to put Index and the App Server takes care of putting the jsessionid info in front of the url
  Thank you

  Cancelling this question.

• URL Session Mapping

  Hi,
  i want to make a group of JSP pages in a Web App, but assuming that the browser doesn't accept cookies.
  Is there anyway that i don't have to indicate every link as
  response.encodeUrl("index.jsp")I've heard something about a <url-session-tracking/> tag, but i've tried to put in the web.xml file, but it doesn't work.
  I just want to put Index and the App Server takes care of putting the jsessionid info in front of the url
  Thank you

  Hi Justin,
  This should definitely work with the WebInstaller approach. In fact, we test this as part of our WebTest suite (on all certified containers, including Jetty 6). I believe you are not passing the jsessionid parameter correctly. From your post, you say your pass it like so:
  http[s]://<server_ip>/<path>/index.jsp?jsessionid=<session_id>
  The jessionid is not passed as a standard HTTP parameter - the correct syntax should be:
  http[s]://<server_ip>/<path>/index.jsp;jsessionid=<session_id>
  -David

• URL Rewriting in JSF 1.2

  Hello,
  I am new to JSF. I am using JSF 1.2. I basically need URL rewriting in my JSF pages.
  I need to rewrite all Links in JSF by which jsessionid will attached to links in similar way to html:rewrite/html:link in struts .
  How do i achieve this in JSF 1.2. I heard PrettyFaces does good job in this area but is there any other simple way to URL Rewriting in JSF?
  Thanks in advance
  Subbarao

  JSF will do this automatically if it detects that the session cookie has not been set. (Really this is being done by the servlet infrastructure.) You need to make sure you are using JSF components to output all of the links, buttons, etc. If you need a link otherwise, use the methods on HttpServletResponse to encode the URL.
  I think the configuration for declaring that your application should not use cookies is application server specific.

• Sticky sessions and Load Balancing in WL Clusters

  We are using iPlanet Web Server 4.1 with WebLogic App Server; and would like
  to implement load balancing with sticky sessions and in-memory state
  replication.
  The documentation in Weblogic says that -
  When using in-memory state replication, your WebLogic Server Cluster must
  live behind one or more proxy servers. The proxy servers are smart enough to
  send servlet requests, belonging to the same HTTP session, back to the same
  server in the cluster that holds the session data.
  (Ref: http://www.weblogic.com/docs51/cluster/setup.html)
  Does this mean that the sticky session configuration has to be done on the
  iPlanet Web Server itself ?
  Also, if WebLogic is used as the Web server, does WebLogic provide any
  support for sticky sessions?
  Any help, suggestions or links to useful info are welcome.
  Regards,
  Milind.

  Mike,
  im curious as to why you would recomend using weblogic as a web server in 6.1?
  I would not for the following reasons:
  - it costs 10x more per cpu list
  - it doesnt support hardware accell cards (afaik, please let me know if this has
  changed)
  iplanet is really good a serving up static html and gif's, especially in ssl if you
  have a hardware accell card. So if you have a site with lots of graphics and you use
  ssl a lot, I think its still a better solution.
  -Joel
  Mike Reiche wrote:
  You get sticky round-robin by default.
  You need to have session tracking turned on (i think it is on by default). You
  need to have the WL plugin configured in iPlanet.
  When WL creates an httpSession, it writes a cookie (or rewrites the URL) back
  to the browser. On subsequent requests, the browser sends the cookie and iPlanet
  plug-in directs the request to the correct WL instance based on the ip address
  of the WL server embedded in the cookie.
  If you are using WLS 6.1, I would recommend using it as a web server (and not
  using iPlanet). I imagine that it supports stickly load balancing as well.
  Mike
  Joel Nylund <[email protected]> wrote:
  you get round robin by default, if you want a different scheme you can
  use one
  of the other 3 options (weight, random or parameter).
  -Joel
  I think weight can be set in weblogic properties. I havent used any other
  than
  round robin.
  Milind Prabhu wrote:
  We are using iPlanet Web Server 4.1 with WebLogic App Server; and wouldlike
  to implement load balancing with sticky sessions and in-memory state
  replication.
  The documentation in Weblogic says that -
  When using in-memory state replication, your WebLogic Server Clustermust
  live behind one or more proxy servers. The proxy servers are smartenough to
  send servlet requests, belonging to the same HTTP session, back tothe same
  server in the cluster that holds the session data.
  (Ref: http://www.weblogic.com/docs51/cluster/setup.html)
  Does this mean that the sticky session configuration has to be doneon the
  iPlanet Web Server itself ?
  Also, if WebLogic is used as the Web server, does WebLogic provideany
  support for sticky sessions?
  Any help, suggestions or links to useful info are welcome.
  Regards,
  Milind.

• Toplink session and UnitOfWork synchronization problem

  Dear forum readers,
  I am not sure i fully understand the way how toplink deals with caching. To me it seems, that i got some pretty scary results, which i am not sure how to interpret and to work around them.
  The following code snippet is part of a unit test:
  >>>>>>>>>>>> snip >>>>>>>>>>>>>>>
  1 public void test2() {
  2
  3 UnitOfWork uow = (UnitOfWork) SessionManager.getSessionManager().getSession().getUnitOfWork();
  4 Justitiabele justitiabele = findJustitiabele("findById", Justitiabele.class, new Long(551));
  5 ((JustitiabeleIdentiteit) justitiabele.getJustitiabeleIdentiteiten().iterator().next()).setMeisjesnaam("Kettner10");
  6 Justitiabele tmp = (Justitiabele) uow.registerObject(justitiabele);
  7 ((JustitiabeleIdentiteit) tmp.getJustitiabeleIdentiteiten().iterator().next()).setMeisjesnaam("Kettner10");
  8 uow.commitAndResume();
  9 }
  10
  11 public Justitiabele findJustitiabele(String queryName, Class objectClass, Object param) {
  12      SessionWrapper toplinkSessionWrapper = getSession();
  13      toplinkSessionWrapper.getClientSession().executeQuery(queryName, objectClass, param);
  14 }
  >>>>>>>>>>>>>>>> snip <<<<<<<<<<<<<<<<
  I am querying a particular object (line 4). Then i make some changes to that object (line 5). Cause the object is not registered in the UnitOfWork these changes shouldn't be persisted. So far so good. To achieve persistency i now register the object, and i make the same modifications to the toplink clone, expecting them after the commit to be persisted in the database.
  Contrary to my expectations, the changes were not persisted!!!
  Deleting line 5 (the modifications, before registering the object), leads to the desired result.
  Somehow the queried object seems to be a direct reference to the (client-) session cache. So when registering the object in the UnitOfWork, the (already modified) backupclone is copied from the session cache to the UnitOfWork. If the same changes are done to the working clone,there are no differences between backup- and working clone and no changes are made in the database.
  It gets even better: I tried to query the object again (before line 6) (even with a different UnitOfWork) before modifying it, in order to retrieve the original state of the object, but again i only was able to find the modified object.
  If the queried object indeed is a reference to some cache, i cannot understand, why that cache is not read only!!!
  Am i doing something wrong ?
  Is there a way to work around this problem?
  What are the consequences for transaction handling ? What about Isolation, when clients can see each others changes in a kind of writeable shared session???
  I try to work around that problem by registering every object, that is queried from the database in the UnitOfWork right after it was queried. This seems to me the only solution, though this is contrary to what the toplink developers guide says, namely, that only objects which are modified should be registered, due to performance reasons.
  I would be grateful to any help in understanding and working around this problem.
  Martin
  PS: Here's the log i got by running the test.:
  STDOUT >>>>>>>>>>>>>>>>>>>>>>>>>>>>
  C:\devtools\jdev\905\jdk\bin\javaw.exe -ojvm -classpath C:\ToplinkDemo\ToplinkDomein\classes;C:\ToplinkDemo\ToplinkDomein\classes\META-INF\ToplinkDomein;C:\devtools\jdev\905\toplink\jlib\source.jar;C:\devtools\jdev\905\lib\xmlparserv2.jar;C:\devtools\jdev\905\lib\xmlcomp.jar;C:\devtools\jdev\905\jdbc\lib\classes12.jar;C:\devtools\jdev\905\jdbc\lib\nls_charset12.jar;C:\devtools\jdev\905\toplink\jlib\toplink.jar org.dji.br.bl.domein.TestMain
  ServerSession(91)--Connection(92)--TopLink, version: OracleAS TopLink - 10g (9.0.4) (Build 031126)
  ServerSession(91)--Connection(92)--connecting session: djisession
  ServerSession(91)--Connection(92)--connecting(DatabaseLogin(
       platform=>Oracle9Platform
       user name=> "dji"
       datasource URL=> "jdbc:oracle:thin:@S-ORACLE01:1521:djipoc"
  ServerSession(91)--Connection(92)--Connected: jdbc:oracle:thin:@S-ORACLE01:1521:djipoc
       User: DJI
       Database: Oracle Version: Oracle9i Enterprise Edition Release 9.2.0.4.0 - Production
  With the Partitioning, OLAP and Oracle Data Mining options
  JServer Release 9.2.0.4.0 - Production
       Driver: Oracle JDBC driver Version: 9.0.1.5.0
  ServerSession(91)--Connection(101)--TopLink, version: OracleAS TopLink - 10g (9.0.4) (Build 031126)
  ServerSession(91)--Connection(101)--connecting session: djisession
  ServerSession(91)--Connection(101)--connecting(DatabaseLogin(
       platform=>Oracle9Platform
       user name=> "dji"
       datasource URL=> "jdbc:oracle:thin:@S-ORACLE01:1521:djipoc"
  ServerSession(91)--Connection(101)--Connected: jdbc:oracle:thin:@S-ORACLE01:1521:djipoc
       User: DJI
       Database: Oracle Version: Oracle9i Enterprise Edition Release 9.2.0.4.0 - Production
  With the Partitioning, OLAP and Oracle Data Mining options
  JServer Release 9.2.0.4.0 - Production
       Driver: Oracle JDBC driver Version: 9.0.1.5.0
  ServerSession(91)--Connection(103)--TopLink, version: OracleAS TopLink - 10g (9.0.4) (Build 031126)
  ServerSession(91)--Connection(103)--connecting session: djisession
  ServerSession(91)--Connection(103)--connecting(DatabaseLogin(
       platform=>Oracle9Platform
       user name=> "dji"
       datasource URL=> "jdbc:oracle:thin:@S-ORACLE01:1521:djipoc"
  ServerSession(91)--Connection(103)--Connected: jdbc:oracle:thin:@S-ORACLE01:1521:djipoc
       User: DJI
       Database: Oracle Version: Oracle9i Enterprise Edition Release 9.2.0.4.0 - Production
  With the Partitioning, OLAP and Oracle Data Mining options
  JServer Release 9.2.0.4.0 - Production
       Driver: Oracle JDBC driver Version: 9.0.1.5.0
  ServerSession(91)--Connection(105)--TopLink, version: OracleAS TopLink - 10g (9.0.4) (Build 031126)
  ServerSession(91)--Connection(105)--connecting session: djisession
  ServerSession(91)--Connection(105)--connecting(DatabaseLogin(
       platform=>Oracle9Platform
       user name=> "dji"
       datasource URL=> "jdbc:oracle:thin:@S-ORACLE01:1521:djipoc"
  ServerSession(91)--Connection(105)--Connected: jdbc:oracle:thin:@S-ORACLE01:1521:djipoc
       User: DJI
       Database: Oracle Version: Oracle9i Enterprise Edition Release 9.2.0.4.0 - Production
  With the Partitioning, OLAP and Oracle Data Mining options
  JServer Release 9.2.0.4.0 - Production
       Driver: Oracle JDBC driver Version: 9.0.1.5.0
  ServerSession(91)--Connection(107)--TopLink, version: OracleAS TopLink - 10g (9.0.4) (Build 031126)
  ServerSession(91)--Connection(107)--connecting session: djisession
  ServerSession(91)--Connection(107)--connecting(DatabaseLogin(
       platform=>Oracle9Platform
       user name=> "dji"
       datasource URL=> "jdbc:oracle:thin:@S-ORACLE01:1521:djipoc"
  ServerSession(91)--Connection(107)--Connected: jdbc:oracle:thin:@S-ORACLE01:1521:djipoc
       User: DJI
       Database: Oracle Version: Oracle9i Enterprise Edition Release 9.2.0.4.0 - Production
  With the Partitioning, OLAP and Oracle Data Mining options
  JServer Release 9.2.0.4.0 - Production
       Driver: Oracle JDBC driver Version: 9.0.1.5.0
  ServerSession(91)--Connection(109)--TopLink, version: OracleAS TopLink - 10g (9.0.4) (Build 031126)
  ServerSession(91)--Connection(109)--connecting session: djisession
  ServerSession(91)--Connection(109)--connecting(DatabaseLogin(
       platform=>Oracle9Platform
       user name=> "dji"
       datasource URL=> "jdbc:oracle:thin:@S-ORACLE01:1521:djipoc"
  ServerSession(91)--Connection(109)--Connected: jdbc:oracle:thin:@S-ORACLE01:1521:djipoc
       User: DJI
       Database: Oracle Version: Oracle9i Enterprise Edition Release 9.2.0.4.0 - Production
  With the Partitioning, OLAP and Oracle Data Mining options
  JServer Release 9.2.0.4.0 - Production
       Driver: Oracle JDBC driver Version: 9.0.1.5.0
  ServerSession(91)--Connection(111)--TopLink, version: OracleAS TopLink - 10g (9.0.4) (Build 031126)
  ServerSession(91)--Connection(111)--connecting session: djisession
  ServerSession(91)--Connection(111)--connecting(DatabaseLogin(
       platform=>Oracle9Platform
       user name=> "dji"
       datasource URL=> "jdbc:oracle:thin:@S-ORACLE01:1521:djipoc"
  ServerSession(91)--Connection(111)--Connected: jdbc:oracle:thin:@S-ORACLE01:1521:djipoc
       User: DJI
       Database: Oracle Version: Oracle9i Enterprise Edition Release 9.2.0.4.0 - Production
  With the Partitioning, OLAP and Oracle Data Mining options
  JServer Release 9.2.0.4.0 - Production
       Driver: Oracle JDBC driver Version: 9.0.1.5.0
  ServerSession(91)--sequencing connected, state is ForcedToUseWriteAccessor_State
  ServerSession(91)--client acquired
  ClientSession(114)--acquire unit of work: 113
  ClientSession(114)--Execute query ReadObjectQuery(org.dji.br.bl.domein.justitiabele.Justitiabele)
  ServerSession(91)--Connection(101)--SELECT DJI_NUMMER FROM DJI.JUSTITIABELEN WHERE (DJI_NUMMER = 551)
  ServerSession(91)--Execute query ReadAllQuery(org.dji.br.bl.domein.justitiabele.JustitiabeleIdentiteit)
  ServerSession(91)--Connection(92)--SELECT INDICATIE_NONAMER, ACHTERNAAM, BRN_CODE, MEISJESNAAM, ID, ROEPNAAM, GEBOORTEPLAATS_BUITENLAND, TITEL_BUITENLAND, VOORNAAM, VOORLETTERS, JBE_DJI_NUMMER, DATUM_INGANG, DATUM_EINDE FROM DJI.JUSTITIABELEIDENTITEITEN WHERE (JBE_DJI_NUMMER = 551)
  ServerSession(91)--Execute query ReadObjectQuery(org.dji.br.bl.domein.justitiabele.Justitiabele)
  UnitOfWork(113)--Register the object org.dji.br.bl.domein.justitiabele.Justitiabele@82
  UnitOfWork(113)--Register the existing object org.dji.br.bl.domein.justitiabele.JustitiabeleIdentiteit@84
  UnitOfWork(113)--Register the existing object org.dji.br.bl.domein.justitiabele.Justitiabele@82
  UnitOfWork(113)--begin unit of work commit
  ClientSession(114)--Connection(103)--begin transaction
  UnitOfWork(113)--Execute query WriteObjectQuery(org.dji.br.bl.domein.justitiabele.Justitiabele@83)
  UnitOfWork(113)--Execute query WriteObjectQuery(org.dji.br.bl.domein.justitiabele.JustitiabeleIdentiteit@85)
  ClientSession(114)--Connection(103)--commit transaction
  UnitOfWork(113)--end unit of work commit
  UnitOfWork(113)--resume unit of work
  Process exited with exit code 0.

  Mark,
  The object returned from any query on the sessions is the object from the shared cache. Any changes made to this will change the shared cache.
  You must acquire a UnitOfWork and register the cached object into the UnitOfWork in order to get an isolated copy that can be modified within a transactional context (UnitOfWork) without other threads seeing these transient changes. The typical approach is to read through the session and register objects involved in a change prior to modifications.
  The is a UnitOfWork paper available on TopLink technical information page that may be useful to you:
  http://www.oracle.com/technology/products/ias/toplink/technical/index.html
  Doug

• Acegi and JSF

  Hello,
  I am using Acegi security system in my JSF app. Seems to working fine so far. However, I have a huge problem with securechannelfilter. Im not sure if that's a Acegi problem or JSF. So, I'm trying my luck in this forum first.
  As in many web applications of today required, I as well want to secure certain pages by using a HTTPS connection (personal data and billing information pages). Acegi uses a filter to switch automatically between HTTP and HTTPS pages. Those pages are defined in the security configuration of Acegi. This seems to work "as designed". However, if the URL is http://www.myhost/mywebapp/myhttpspage.jsf it is changed into http://www.myhost/mywebapp/myhttpspage.jsp (notice .jsp instead of .jsf). Calling the latter URL will cause a FacesContext not found exception, which is rather logical. I already tried out to change the faces servlet's url pattern to something like "/faces/*" but that URL will also be change in to the absolute URL (without "/faces/") so the result is the exact same as with the .jsf extension.
  So, I thought, I'm writing a filter, that catces all .jsp calls and redirects them into .jsf (as one should usually do anyways to prevent jsp's bein called directly). Also I check in this filter, if a https ressource has been requested so I forward them to the right URL. Now I'm ending up in an infite loop. My redirection in the filter to the right URL triggers the Acegi redirecting feature to https (don't know why since I already redirect to the correct URL), changing the jsf extension in the URL back to jsp. From there it goes back into the filter (because of the jsp extension) and so forth ...
  It doesn't really seem to me that Acegi's securechannelfilter is made to be used in JSF applications. Did anybody here figure out, how to use this feature in a JSF application? For the time being, I'm going to try out to protect the pages via the web.xml.
  Thanks for any reply in advance!
  Cheers,
  Joerg

  Hello,
  first of all, the Acegi Security Framework is now called Sping Security and you might want to look up information under that name. However, I've always had problems to find any proper documentation for Spring or Acegi. And I mean some useful information with WORKING examples. The Acegi guys refer to some examples but that doesn't really help. What really fed me up with Aceig is, that some examples don't really work on my machine/project and I have no clue why. In my project, I needed to have some pages secured with https and used the securechannelFilter of Acegi, which I never got to work. Sure, they have a message forum but you always depend on someone being nice enough to help you out with your problem. Anyways, to make a long story short: I ditched Acegi and wrote my own filter and request wrapper and I'm using JAAS for the security. At least I now know what's going on and I can blame myselfe if it doesn't work :)
  The problems I ran into: You need Spring to setup Acegi, because it relies on it. Like Spring, Acegi is a XML configuration hell. The documentation is not made for beginners and (like Spring's) has many errors in it which drive you crazy because you assume the docs are correct. There is a JSF taglib for Acegi and that worked quite nice. However, Acegi is URL driven and sometimes, JSF does not show the actual URL of the page, that you are currently looking at. E.g. you have a main page with a login button. Click on the button and you are refered to the login page. However, your browser still shows the main page URL. This is where Acegi simply fails.
  If you don't need https and you simply want to have authorization, I recommend that you use JAAS and an own realm. That's straight forward and (if you use Netbeans 6.x) fairly simple to configure in your project. The realm you can hook up to LDAP or a database that has user/role mappings in it. Google for "JAAS jdbc realm database" and you will find some easy to understand tutorials. Here's one using Glassfish and My-SQL:
  http://blogs.sun.com/swchan/entry/jdbcrealm_in_glassfish_with_mysql
  Hope, that helps!
  Cheers,
  Joerg