Hi all,
I am facing a strange problem, will like to have some comments on the same from the group. My http session is not getting preserved. Here is the brief about the problem 1. I am using a filter for request authentication and authorization. 2. User needs to login to the system (Authenticate) before accessing any resource. 3. There are some resources which are accessible to only some users based on some business logic. 4. In my authentication backing bean (UserBean) I am setting the UserBean in the session scope. The UserBean is defined in the faces-config.xml as a session scope bean. 5. In my authentication filter I am checking for the availably of the UserBean in the session, if the user is found the user request will authenticated. 6. The using some business logic the request authorization will be done. 7. If the request is authenticated and authorized, I am calling chain.doFilter() else forwarding to a error page. This all works fine on my machine. I am able to get the same session object. But on some other machines I am getting different session objects on each request even though the UserBean is defined in the session scope. Due to this my UserBean is not maintained in the session leading me to the login page. I am using JSF+Shale. Is there something which is causing my session object to be replaced each and every time. Up to what I knowledge I am stating few statements. Please correct me if I am wrong or making some mistake. 1. request.getSession( false ) will not create new session if it is not already present. 2. session object will be valid till you invalidate it using session.invalidate() or the browser is closed. I am new to the shale and jsf. Is there something which I am missing? Please help me out, I am totally confused. Does the request and response object coming to the filter are different than the one wrapped in the external context of the facescontext???? Thanks for spending your valuable time for me. Regards, Purushottam M. Nawle.
