Is there any configuration in web.xml which redirects the application to login page after sesion expired in JSF.I google it but didn't find any good and simple answer.
I found this but it didn't work.
<error-page>
<exception-type>javax.faces.application.ViewExpiredException</exception-type>
<location>/faces/index.xhtml</location>
</error-page>
If there is no configuration for this then how can i do this in JSF?
Thanks
Possible answer: Handling ViewExpiredException depending on the current view.
What I'm using is a PrimeFaces - Extensions specific solution called AjaxErrorHandler. Take a look at their showcase for implementation tips.
As far as I know the above configuration will not work for AJAX requests.
Another possible answer: How to redirect to index page if session time out happend in jsf application
Yet another possible answer: Use a JSF PhaseListener.
Additionaly, I suggest using a Filter to check if your session is already alive and, if not, redirect to your custom error page (i don't remember where I learnt this method, probably through BalusC):
public class AuthenticationFilter implements Filter {
private FilterConfig config;
public void init(FilterConfig filterConfig) throws ServletException {
this.config = filterConfig;
}
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
if(((HttpServletRequest) request).getSession().getAttribute("some_attribute_you_store_in_Session") == null){
((HttpServletResponse)response).sendRedirect("yourCustomJSF.jsf");
}else{
chain.doFilter(request, response);
}
}
public void destroy() {
this.config = null;
}
// You also have to implement init() and destroy() methods.
}
Then, you have to declare this filter (and the url patterns that will trigger the filter) in your web.xml:
<filter>
<filter-name>AuthenticationFilter</filter-name>
<filter-class>yourPackage.AuthenticationFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>AuthenticationFilter</filter-name>
<url-pattern>private.jsf</url-pattern>
</filter-mapping>
I store my own bean in my JSF session so I can keep my user information. When the filter receives a null return while accessing the class, I know the session has been invalidated (maybe because it has expred, or just the user has logged out) and i redirect the request to my error page.
I found this but it didn't work.
It should work. Most likely you were exclusively using ajax requests. This way the standard web.xml error page mechanism won't be used at all. You should instead be using the JSF ExceptionHandler facility.
The JSF utility library OmniFaces has a FullAjaxExceptionHandler which is designed for exactly this purpose. It reuses standard web.xml error page mechanisms for exceptions/errors during ajax requests. You can find a showcase demo here. It also handles the ViewExpiredException.
