9

I would like to have a session scoped JSF bean with one property that is request (page) scoped. Is it possible at all?

ThinkingStiff
  • 64,767
  • 30
  • 146
  • 239
Jarek
  • 91
  • 1
  • 2

1 Answers1

8

No, that's not possible. Managed property injection only happens during creation of the bean. However, when a session scoped bean is been created there is not necessarily a request present and the injected request scoped bean would be invalid in subsequent requests in the remnant of the session.

Do it the other way round. E.g.

@ManagedBean
@SessionScoped
public class UserManager {

    private User current;

    // ...
}

and

@ManagedBean
@RequestScoped
public class Login {

    private String username;
    private String password;

    @ManagedProperty(value="#{userManager}")
    private UserManager userManager;

    @EJB
    private UserService userService;

    public String submit() {
        User user = userService.find(username, password);

        if (user != null) {
            userManager.setCurrent(user);
            return "home?faces-redirect=true";
        } else {
            addErrorMessage("Unknown login, please try again");
            return null;
        }
    }

    // ...
}
BalusC
  • 1,082,665
  • 372
  • 3,610
  • 3,555
  • I tried this but it resulted in the following exception: `Unable to set property userManager for managed bean credentials`.What am I missing? I put getters and setters for userManager but nothing.... – Hari May 27 '13 at 13:48
  • Please press `Ask Question` button on right top if you have a new question unrelated to the original question. Don't forget to paste the full stack trace along, the answer is namely usually just straight in its root cause. – BalusC May 27 '13 at 13:51
  • Thank you for fast response, here is my question (just posted). – Hari May 27 '13 at 14:03
  • @BalusC - Actually this **is** possible. I had the same doubt about the validity of such setup. However I stumbled on [another question](http://stackoverflow.com/q/26305295/744133) explaining how mismatched scopes are handled. Original sample came from JBoss, and I tried similar with TomEE. I might like the reversed approach a little better (not sure, need to think about it, hence no down/up vote). – YoYo Nov 18 '14 at 04:59
  • AAARGH - why is it that we still spend so much time implementing and reimplementing those login scenario's. Every example that I am stumbling on is again Login. No wonder we have those security breaches. For anyone trying to implement Login - I would strongly encourage looking into single sign on and tools like [PicketLink](http://picketlink.org) and [KeyCloak](http://keycloak.jboss.org). Just saying you know ... – YoYo Nov 18 '14 at 05:26
  • @JoD: note that the current question assumes that bean is managed by JSF, not by CDI (where it is indeed possible). Please don't mix up technologies, or it will confuse you to madness. – BalusC Nov 18 '14 at 07:02
  • Right ... missed that clue. Now I am still left with a design choice to make. Mysteriously, I am also dealing with a `userManager` and `credentials`. – YoYo Nov 18 '14 at 09:49