[snip]
Now the phase listener has the convention, that "foo" and "bar" are
the bean properties
and populates the bean with the given values.
If the destination bean is itself a managed bean, you can actually avoid this restriction, by allowing the bean itself to configure capturing interesting request parameters with an _expression_ like this in a <value> element:
#{param.foo}
#{param.bar}
This would also avoid cases where the backing bean just happens to have a property with the same name as one of the request parameters, which will get modified by your logic (and could lead to a variety of DOS attacks by clients that add spurious parameter values).
Craig
