Home/ Questions/Q 8019057
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-04T21:16:31+00:00

I am using a session scoped managed bean for handling login in a Java

  • 0

I am using a session scoped managed bean for handling login in a Java EE application. After I authenticate the user, the user object is saved in this session bean. However, after I refresh the page, the session bean values are gone.

I was debugging the code and it results that the constructor of the session scoped managed bean is called again on page refresh, therefore initializing the user object with a new user. I guess this is not a normal behavior since it should be preserved on the session shouldn’t it?

I am posting some parts of the login managed bean including the parameters and the login method. Basically the enteredEmail and enteredPassword stand for the entered data on the login form. If the authentication succeeds, the loggedIn boolean is turned to true and the logged in user object is stored in the checkedUser variable.

import javax.faces.bean.ManagedBean;
import javax.faces.bean.SessionScoped;

@ManagedBean
@SessionScoped
public class LoginController  implements Serializable {

@EJB
private LoginSessionBean loginSessionBean;
@EJB
private LecturerFacade lecturerFacade;

private Lecturer checkedUser;
private String enteredEmail;
private String enteredPassword;
private boolean loggedIn;





/** Creates a new instance of loginController */
public LoginController() {
   loggedIn = false;
   checkedUser = new Lecturer();
}
public String login(){
    RequestContext context = RequestContext.getCurrentInstance();
    FacesMessage msg = null;

    this.setCheckedUser(lecturerFacade.findLecturerByEmail(enteredEmail));

    if(loginSessionBean.checkPassword(checkedUser, enteredPassword))
    {
        loggedIn = true;
        msg = new FacesMessage(FacesMessage.SEVERITY_INFO, "Welcome", checkedUser.getFirstName()+ " " + checkedUser.getLastName());



        FacesContext.getCurrentInstance().addMessage(null, msg);
        context.addCallbackParam("loggedIn", loggedIn);



    }
    return "Index";

I am also posting the two EJBs that the above managed bean uses. The lecturerFacade retrieves the user object with the entered email, while the loginSessionBean checks the password.

@Stateless
public class LecturerFacade extends AbstractFacade<Lecturer> {
@PersistenceContext(unitName = "EffectinetWebPU")
private EntityManager em;

Logger logger = Logger.getLogger("MyLog");
FileHandler fh;


protected EntityManager getEntityManager() {
    return em;
}

public LecturerFacade() {
    super(Lecturer.class);
}

public Lecturer findLecturerByEmail(String email) {
    try {
        return (Lecturer) this.getEntityManager().createQuery("SELECT l FROM Lecturer l WHERE l.email = :email").setParameter("email", email).getSingleResult();
    } catch (NoResultException e) {
        System.err.println("Caught NOResultException: "+  e.getMessage());
        return null;
    } catch (NonUniqueResultException e) {
        System.err.println("Caught NonUniqueResultException: "+  e.getMessage());
        return null;
    } catch (IllegalStateException e) {
        System.err.println("Caught IllegalStateException: "+  e.getMessage());
        return null;
    }
}

_

@Stateless

public class LoginSessionBean {

// Add business logic below. (Right-click in editor and choose
// "Insert Code > Add Business Method")
@PersistenceContext(unitName = "EffectinetWebPU")
private EntityManager em;

protected EntityManager getEntityManager() {
    return em;
}

public void setEntityManager(EntityManager em) {
    this.em = em;
}



public boolean checkPassword(Lecturer user, final String enteredPassword) {
    if (user.getPassword().equals(enteredPassword)) {
        return true;
    } else {
        return false;
    }
}

}

Please if someone has any suggestion of what is going wrong, please tell me

Im using glassfish 3.1 as application server and Primefaces as JSF library. Also, I have checked and the imported the sessionScoped annotation from the right package and not from javax.enterprise…

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Your problem is thus here:

    <p:menuitem value="Logout" ... onclick="#{loginController.logout()}"/>

    The onclick attribute should represent a JavaScript handler function which is to be executed in the webbrowser when the enduser clicks the element. Something like

    onclick="alert('You have clicked this element!')"

    The onclick attribute also accepts a ValueExpression, so you can even let JSF/EL autogenerate its value accordingly:

    onclick="#{bean.onclickFunction}"

    with

    public String getOnclickFunction() {
    return "alert('You have clicked this element!')";
}

    All the EL is thus evaluated when the page is rendered. In your particular case, the logout() method is called everytime the EL is evaluated and thus you’re invalidating the session everytime the page is rendered!

    You need to bind it to an attribute which takes a MethodExpression like <h:commandLink action>, <h:commandButton action> and in this particular case <p:menuitem action>.

    <p:menuitem value="Logout" ... action="#{loginController.logout()}"/>

    This can be understood by understanding basic HTML and JavaScript concepts and keeping in mind that JSF ultimately produces HTML/CSS/JS. Open the JSF page in webbrowser, rightclick and View Source to realize it.

    • 0