Home/ Questions/Q 8310763
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-08T19:34:40+00:00

While trying to figure out how to implement a login filter for a JSF

  • 0

While trying to figure out how to implement a login filter for a JSF app I saw these 2 lines of code that I didn’t understand that much :

public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException {  

HttpServletRequest req = (HttpServletRequest) request;
LoginBean login = (LoginBean) req.getSession().getAttribute("login");

}

Assuming that LoginBean class is a session scoped bean named “login” , as I noticed the bean is an attribute for the request , what is the relation between them ? are all session scoped bean saved as “attributes” in request sessions ?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    are all session scoped bean saved as "attributes" in request sessions ?

    That’s correct. JSF is just a MVC framework which is built on top of the bare Servlet API, not an entirely standalone framework which can run without the Servlet API. Even more, the JSF core controller FacesServlet is a fullworthy Servlet, so it definitely requires a servlet container to run. The concept "session" is in the Servlet API provided by HttpSession, so it would make fully sense to store JSF session scoped beans in there instead of reinventing it.

    Note that JSF request scoped beans are stored as HttpServletRequest attributes and that JSF application scoped beans are stored as ServletContext attributes.

    See also:

    • 0