I have attached a sample web application containing pages that use a CDI SessionScoped bean. One of the pages has a security constraint. Logging into the secured page causes the SessionScoped bean to be dropped and a new one created. After login, the bean retains its value as expected. The HttpSession behaves correctly, it is apparently the CDI session context which is ending and beginning again. This has been observed under TomEE 1.5.0, 1.5.1, and the 1.5.2-20130118.041121-42-webprofile snapshot.
This example works correctly under Gl*ssF*sh and JB*ss. Extract the attached jar file then use Maven to build it. -- William J. Eaton, [email protected] (713) 202-1620 LifeFormulae, LLC 9119 Highway 6 South #228 Missouri City, TX 77459
cdisessionbug.jar
Description: application/java-archive
