Login/Register
ViewExpiredException on a WildFly-served webapp only in a particular webbrowser
Asked Answered
Solved jsfsessionwildflyviewexpiredexception
M

2

5

I have a jsf application running on Wildfly 8.1.0Final and, ONLY in Google Chrome, when I click on the Login button, i receive ViewExpiredException, in others browsers, or in Chrome Incognito Mode, works perfectly!

Someone knows what could be?

20:29:18,531 INFO  [stdout] (default task-49) 2014-09-16 20:29:18 ERROR context:218 - javax.faces.application.ViewExpiredException: viewId:/login.jsf - A exibição de /login.jsf não pôde ser restaurada.
20:29:18,532 INFO  [stdout] (default task-49)   at com.sun.faces.lifecycle.RestoreViewPhase.execute(RestoreViewPhase.java:210)
20:29:18,532 INFO  [stdout] (default task-49)   at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
20:29:18,532 INFO  [stdout] (default task-49)   at com.sun.faces.lifecycle.RestoreViewPhase.doPhase(RestoreViewPhase.java:121)
20:29:18,532 INFO  [stdout] (default task-49)   at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:198)
20:29:18,532 INFO  [stdout] (default task-49)   at javax.faces.webapp.FacesServlet.service(FacesServlet.java:646)
20:29:18,532 INFO  [stdout] (default task-49)   at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
20:29:18,533 INFO  [stdout] (default task-49)   at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:61)
20:29:18,533 INFO  [stdout] (default task-49)   at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
20:29:18,533 INFO  [stdout] (default task-49)   at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
20:29:18,533 INFO  [stdout] (default task-49)   at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)
20:29:18,533 INFO  [stdout] (default task-49)   at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:113)
20:29:18,533 INFO  [stdout] (default task-49)   at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:56)
20:29:18,533 INFO  [stdout] (default task-49)   at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)
20:29:18,534 INFO  [stdout] (default task-49)   at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45)
20:29:18,534 INFO  [stdout] (default task-49)   at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:61)
20:29:18,534 INFO  [stdout] (default task-49)   at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58)
20:29:18,534 INFO  [stdout] (default task-49)   at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70)
20:29:18,534 INFO  [stdout] (default task-49)   at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76)
20:29:18,534 INFO  [stdout] (default task-49)   at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)
20:29:18,534 INFO  [stdout] (default task-49)   at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
20:29:18,535 INFO  [stdout] (default task-49)   at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)
20:29:18,535 INFO  [stdout] (default task-49)   at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)
20:29:18,535 INFO  [stdout] (default task-49)   at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:240)
20:29:18,535 INFO  [stdout] (default task-49)   at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:227)
20:29:18,536 INFO  [stdout] (default task-49)   at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:73)
20:29:18,536 INFO  [stdout] (default task-49)   at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:146)
20:29:18,536 INFO  [stdout] (default task-49)   at io.undertow.server.Connectors.executeRootHandler(Connectors.java:177)
20:29:18,536 INFO  [stdout] (default task-49)   at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:727)
20:29:18,536 INFO  [stdout] (default task-49)   at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
20:29:18,536 INFO  [stdout] (default task-49)   at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
20:29:18,536 INFO  [stdout] (default task-49)   at java.lang.Thread.run(Unknown Source)
20:29:18,536 INFO  [stdout] (default task-49)

My pom.xml:

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.inbit</groupId>
<artifactId>ProjetoBase</artifactId>
<packaging>war</packaging>
<version>0.0.1-SNAPSHOT</version>
<name>ProjetoBase</name>

<properties>
    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
    <jetty.version>6.1.4</jetty.version>
</properties>


<dependencyManagement>
    <dependencies>
        <dependency>
            <groupId>javax.annotation</groupId>
            <artifactId>jsr250-api</artifactId>
            <version>1.0</version>
            <scope>provided</scope>
        </dependency>
        <dependency>
            <groupId>javax.faces</groupId>
            <artifactId>javax.faces-api</artifactId>
            <version>2.2</version>
            <scope>provided</scope>
        </dependency>

        <dependency>
            <groupId>org.jboss.spec</groupId>
            <artifactId>jboss-javaee-6.0</artifactId>
            <version>3.0.2.Final</version>
            <type>pom</type>
            <scope>import</scope>
        </dependency>
    </dependencies>
</dependencyManagement>



<dependencies>

    <dependency>
        <groupId>org.hibernate.javax.persistence</groupId>
        <artifactId>hibernate-jpa-2.0-api</artifactId>
        <scope>provided</scope>
    </dependency>
    <dependency>
        <groupId>javax.enterprise</groupId>
        <artifactId>cdi-api</artifactId>
        <scope>provided</scope>
    </dependency>
    <dependency>
        <groupId>javax.annotation</groupId>
        <artifactId>jsr250-api</artifactId>
        <scope>provided</scope>
    </dependency>
    <dependency>
        <groupId>org.jboss.spec.javax.ejb</groupId>
        <artifactId>jboss-ejb-api_3.1_spec</artifactId>
        <scope>provided</scope>
    </dependency>
    <dependency>
        <groupId>javax.faces</groupId>
        <artifactId>javax.faces-api</artifactId>
        <scope>provided</scope>
    </dependency>
    <dependency>
        <groupId>org.jboss.spec.javax.servlet</groupId>
        <artifactId>jboss-servlet-api_3.0_spec</artifactId>
        <scope>provided</scope>
    </dependency>

    <dependency>
        <groupId>org.hibernate</groupId>
        <artifactId>hibernate-validator</artifactId>
        <version>4.0.0.GA</version>
        <scope>compile</scope>
    </dependency>

    <dependency>
        <groupId>org.hibernate</groupId>
        <artifactId>hibernate-entitymanager</artifactId>
        <version>4.3.6.Final</version>
    </dependency>

    <!-- JPA Persistence Dependencies -->

    <dependency>
        <groupId>hsqldb</groupId>
        <artifactId>hsqldb</artifactId>
        <version>1.8.0.10</version>
    </dependency>

    <dependency>
        <groupId>postgresql</groupId>
        <artifactId>postgresql</artifactId>
        <version>9.1-901-1.jdbc4</version>
    </dependency>

    <dependency>
        <groupId>org.primefaces</groupId>
        <artifactId>primefaces</artifactId>
        <version>5.0</version>
    </dependency>


    <dependency>
        <groupId>junit</groupId>
        <artifactId>junit</artifactId>
        <version>4.6</version>
    </dependency>

    <dependency>
        <groupId>org.mockito</groupId>
        <artifactId>mockito-all</artifactId>
        <version>1.9.5</version>
    </dependency>

    <dependency>
        <groupId>log4j</groupId>
        <artifactId>log4j</artifactId>
        <version>1.2.17</version>
    </dependency>

    <dependency>
        <groupId>org.glassfish.web</groupId>
        <artifactId>el-impl</artifactId>
        <version>2.2</version>
    </dependency>


    <dependency>
        <groupId>org.slf4j</groupId>
        <artifactId>slf4j-log4j12</artifactId>
        <version>1.5.6</version>
    </dependency>


</dependencies>



<repositories>
    <!-- JBoss Repository used for Java EE 6 pieces -->
    <repository>
        <id>repository.jboss.org</id>
        <name>JBoss Repository</name>
        <url>http://repository.jboss.org/nexus/content/groups/public-jboss/</url>
    </repository>

    <repository>
        <id>prime-repo</id>
        <name>PrimeFaces Maven Repository</name>
        <url>http://repository.primefaces.org</url>
        <layout>default</layout>
    </repository>

</repositories>


<build>
    <finalName>ProjetoBase</finalName>
    <plugins>

        <!-- Facilitates downloading source and javadoc in Eclipse -->
        <plugin>
            <groupId>org.apache.maven.plugins</groupId>
            <artifactId>maven-eclipse-plugin</artifactId>
            <version>2.8</version>
            <configuration>
                <wtpversion>2.0</wtpversion>
                <downloadSources>true</downloadSources>
                <downloadJavadocs>true</downloadJavadocs>
            </configuration>
        </plugin>

        <!-- Plugin to run and test through maven -->
        <plugin>
            <groupId>org.mortbay.jetty</groupId>
            <artifactId>maven-jetty-plugin</artifactId>
            <version>6.1.25</version>
            <configuration>
                <scanIntervalSeconds>3</scanIntervalSeconds>
            </configuration>
        </plugin>

        <!-- Ensures we are compiling at 1.7 level -->
        <plugin>
            <artifactId>maven-compiler-plugin</artifactId>
            <version>3.0</version>
            <configuration>
                <source>1.7</source>
                <target>1.7</target>
            </configuration>
        </plugin>


    </plugins>
</build>

And my Login page:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" 
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:p="http://primefaces.org/ui">
<ui:composition template="/resources/template/principalAcesso.xhtml">
<ui:define name="conteudo">

    <div id="login">

        <h2>
            <span class="fontawesome-lock"></span>ProjetoBase

        </h2>

        <h:form id="formLogin">
            <h:panelGroup id="painelLogin" styleClass="loading">
                <div id="fieldset">
                    <p:focus context="formLogin" />
                    <p>
                        <label for="input_login">Login</label>
                    </p>
                    <p>
                        <p:inputText styleClass="input" id="input_login"
                            value="#{loginBack.login}" />
                    </p>
                    <p>
                        <label for="senha">Senha</label>
                    </p>
                    <p>
                        <p:password id="senha" required="true" styleClass="input"
                            requiredMessage="A senha não pode ser em branco."
                            value="#{loginBack.senha}" />
                    </p>
                    <p style="text-align: center;">
                        <p:commandButton process="@form" value="Entrar"
                            action="#{loginBack.login()}" styleClass="botaoLogin"
                            update=":growl, formLogin" id="btnEntrar" />

                    </p>

                </div>
            </h:panelGroup>
            <p:blockUI block="painelLogin" trigger="btnEntrar">  
                        Realizando login...<br />
                <img src="resources/images/ajax.gif" />
            </p:blockUI>
        </h:form>
    </div>

</ui:define>

Someone could help me?

Thanks for any help!

Mixer answered 16/9, 2014 at 23:36 Comment(2)
How much time is between open a login page and click on login button? Maybe you cleared cookies after open login page?Keratoid
I click on the Login Button after just 1 second and shows the error...Mixer
A
8

WildFly in its current version 8.1 has trouble with (session) cookies, particularly those originating from "unknown" servers. You probably already know that cookies are domain specific and are everytime sent back to the server by the browser. If you've previously used the same browser on exactly the same domain which is served by a different server (e.g. Tomcat, JBoss, GlassFish, etc), and the cookie in question happens to be the JSESSIONID cookie, then WildFly will be unable to properly create the HTTP session.

It'll work if you trash all domain-specific (localhost) cookies before opening the webapp. Or, as you correctly observed, if you open an Incognito window (which basically starts with a crisp and clean state), or when the cookies are already expired for long (those other browsers are very rarely used, right?). As a temporary workaround without needing to fiddle around in browser's cookie store, you could also create a servlet filter which checks for duplicate request cookies and trash them.

WildFly has another problem with session cookies, by the way. When it creates the session cookie for the first time, it doesn't use the / path, but an empty string as path (which basically translates to the current folder instead of the root folder). This has the consequence that when you visit the webapp for the first time by requesting a folder path, then the parent/root folder(s) wouldn't share the same session. This part is in turn workaroundable with the following setting in web.xml:

<session-config>
    <cookie-config>
        <path>/</path>
    </cookie-config>
</session-config>

See also:

Andry answered 17/9, 2014 at 6:31 Comment(4)
I tried add this to my web.xml, but I got an error in eclipse "Description Resource Path Location Type cvc-complex-type.2.4.a: Invalid content was found starting with element 'cookie-config'. One of '{"java.sun.com/xml/ns/javaee":session-timeout}' is expected. web.xml /project/src/main/webapp/WEB-INF line 60 XML Problem " I solved the problem cleaning the cookies of the browser, you are absolutely right in your answer, I got this problem because I migrate from Tomcat to Wildfly, thanks!Mixer
This setting is new since Servlet 3.0. So either you didn't declare your web.xml conform a minimum of Servlet 3.0 (which would have other consequences as well .. e.g. @WebListener, @WebFilter, etc not working), or your IDE is far outdated and not ready for Servlet 3.0 (Java EE 6) development.Andry
@Andry Are these issues still in 8.2?Isodynamic
@DanielSzalay cookies for a root deployment are fixed in WildFly 8.2Traveler
G
0

This is now 2022 and I'm using wildfly-26.0.0.Final. I had this exact problem only in Brave rather than Chrome. Although a later version of Wildfly and the bug fix in Wildfly 8.2, I thought it worth the exercise to follow the clear advice from BalusC for Wildfly 8.1, the problem persisted :).

In the end it was removal of the Chrome Xdebug browser extension that fixed it for me.

Grasso answered 18/1, 2022 at 22:32 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.