ICEsoft.org Forums: ICEfaces, ICEmobile, ICEpdf

Hi,

Since our application uses SSO there is no login page where the user types their credentials. Rather they simply navigate to the main page (or any other) of the application and are logged on.

When the session expires they are redirected to a session expiry page where they are presented a message and a link back to the main page. Before moving the application to Seam, this all worked quite well.

Now when the session expires and the application is redirected to sessionExpired.xhtm the following is logged:

13:14:23,745 ERROR [SessionDispatcher] java.lang.IllegalStateException: getAttributeNames: Session already invalidated
13:14:23,745 INFO [SessionDispatcher] Session already invalidated.
13:15:53,762 INFO [Contexts] starting up: org.jboss.seam.security.ruleBasedPermissionResolver
13:15:53,762 INFO [Contexts] starting up: org.jboss.seam.security.identity
13:15:53,762 INFO [Contexts] starting up: org.jboss.seam.web.session
13:15:53,777 WARN [DisposeViews] Request belonging to a different session. Most probably servlet filters mangled the request.

After which the page appears to display correctly.

However, when the link back to the main page is clicked the main page gives an error (see attached file for full trace):

Exception during request processing:
Caused by javax.faces.FacesException with message: "Problem in renderResponse: javax.el.ELException: /inc/projectManager/favouritesAndAllProjectsTabsFacelet.xhtml @23,69 selectedIndex="#{projectManager.selectedFavoritesAndProjectsTabIndex}": Error reading 'selectedFavoritesAndProjectsTabIndex' on type com.rim.traveler.projectManager.ManagerBean_$$_javassist_4"

Caused by org.hibernate.LazyInitializationException with message: "failed to lazily initialize a collection of role: com.rim.traveler.model.entity.projectcentral.UsersEntity.favorites, no session or session was closed"

How should the session expiry page be constructed to avoid the initial “session already invalidated” error?

How should the link be constructed so it works correctly?

Vic

Supporting info follows:

Environment:

ICEfaces 1.7.2 SP1
Build number: 11
Revision: 17935
Using facelets

ICEfaces using JSF 1.2 JSP tags

JBoss 4.2.3GA

Seam-Version: 2.1.1.GA

Web.xml excerpt:
Code:

<context-param>
   		<param-name>com.icesoft.faces.sessionExpiredRedirectURI</param-name>
   		<param-value>'/TravelerII/sessionExpired.seam'</param-value>
   	</context-param>

sessionExpired.xhtml attached

pages.xml

Code:

<page view-id="/sessionExpired.xhtml" login-required="false">
         
     </page>
 
     <page view-id="*" login-required="true">
         <navigation>
             <rule if-outcome="home">
                 <redirect view-id="/home.xhtml"/>
             </rule>
         </navigation>
     </page>

THe exception:-
Code:

LazyInitializationException with message: "failed to lazily initialize a collection of role: com.rim.traveler.model.entity.projectcentral.UsersEntity.favorites, no session or session was closed"

make me wonder how you are generating the list of roles that are available. It looks like there is one already available. and linked to an existing session (which has timed out?).

If you have your list in conversation-scope, make sure you end the conversation so this list is destroyed, and if the bean is accessed again a new one is created. YOu might want to put some debugging into an annotated method with @Destroy to see if the bean with this collection of roles is actually being destroyed and then recreated with the new session. (If you are invalidating a session or it times out, how/when/where are you creating a new one the next time?).

Hi Judy,

I think your assessments about the conversation are correct. So a couple of specific questions:

- how should I end the conversation when the redirect to my session expired page happens? With a page action? What scope should the component have that performs this page action?

- do I need to do an identity.logout to clean up the session? Where is the best place to put this?

Thanks,

Vic

You can invalidate the session directly to clean up the session (which is the usual way of things), but the conversation context is stored within the session, so any lists of entities are naturally taken care of within Seam if you manage your conversations correctly. It's pretty handy to use the conversational context and then, when no longer needed, end it which takes care of a lot of lazy loading exceptions. You must have some definition of when a session ends & begins already, so you should be able to determine when to start/end the sessions, then within that when to use conversation contexts within that session.