Develop Reference

'Access Denied' page Redirect are not working

My web project is based on Spring 3.2.5.RELEASE, JSF 2 and PrimeFaces 6. I'm using #PreAuthorize annotation on class level at service layer as below:
#Service("packageService")
#Transactional(readOnly = true)
#PreAuthorize("hasAnyRole('befit')")
public class PackageServiceImpl implements PackageService {
}
At JSF managed bean level, I don't have any #PreAuthorize. On #PostConstruct method, I have called couple methods from service layer which requires authorization.
At XHTML page, I use EL to get data from managed bean.
Security configuration as:
<sec:http auto-config="true" use-expressions="true">
<sec:access-denied-handler error-page="/access.xhtml"/>
<!-- Page level Spring Security : Intercept access to resources in /faces/** -->
<sec:intercept-url pattern="/faces/admin/*"
access="hasAnyRole('befit','admin')" />
<sec:intercept-url pattern="/faces/befit/*"
access="hasAnyRole('befit')" />
<sec:intercept-url pattern="/faces/online/*"
access="isAuthenticated()" />
Functionalities are working fine. If an user logged in 'less' role and try to access pages required 'more' roles, I do see 'Access Denied' exception from #PostConstruct method. But it doesn't navigate to access.xhtml page.
Note: I have tried using a bean to handle AccessDeniedException as
#Override
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
response.sendRedirect(response.encodeRedirectURL(request.getContextPath() + accessDeniedUrl));
request.getSession().setAttribute("message", "You are not authorized to access this resource.");
}
And I got the exception as below
cannot call sendredirect after the response has been committed servlet
Could you please advice what I miss?
Note: Updated with StackTrace
Oct 12, 2016 4:50:00 PM com.sun.faces.application.view.FaceletViewHandlingStrategy handleRenderException
SEVERE: Error Rendering View[/faces/befit/corporate/corporate_manage.xhtml]
com.sun.faces.mgbean.ManagedBeanCreationException: An error occurred performing resource injection on managed bean corporateManageMBean
at com.sun.faces.mgbean.BeanBuilder.invokePostConstruct(BeanBuilder.java:227)
at com.sun.faces.mgbean.BeanBuilder.build(BeanBuilder.java:103)
at com.sun.faces.mgbean.BeanManager.createAndPush(BeanManager.java:409)
at com.sun.faces.mgbean.BeanManager.create(BeanManager.java:269)
at com.sun.faces.el.ManagedBeanELResolver.resolveBean(ManagedBeanELResolver.java:257)
at com.sun.faces.el.ManagedBeanELResolver.getValue(ManagedBeanELResolver.java:117)
at com.sun.faces.el.DemuxCompositeELResolver._getValue(DemuxCompositeELResolver.java:176)
at com.sun.faces.el.DemuxCompositeELResolver.getValue(DemuxCompositeELResolver.java:203)
at org.apache.el.parser.AstIdentifier.getValue(AstIdentifier.java:71)
at org.apache.el.parser.AstValue.getValue(AstValue.java:161)
at org.apache.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:184)
at com.sun.faces.facelets.el.TagValueExpression.getValue(TagValueExpression.java:109)
at javax.faces.component.ComponentStateHelper.eval(ComponentStateHelper.java:194)
at javax.faces.component.ComponentStateHelper.eval(ComponentStateHelper.java:182)
at javax.faces.component.UIOutput.getValue(UIOutput.java:174)
at javax.faces.component.UIInput.getValue(UIInput.java:291)
at org.primefaces.util.ComponentUtils.getValueToRender(ComponentUtils.java:94)
at org.primefaces.util.ComponentUtils.getValueToRender(ComponentUtils.java:58)
at org.primefaces.component.inputtext.InputTextRenderer.encodeMarkup(InputTextRenderer.java:71)
at org.primefaces.component.inputtext.InputTextRenderer.encodeEnd(InputTextRenderer.java:52)
at javax.faces.component.UIComponentBase.encodeEnd(UIComponentBase.java:920)
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1863)
at javax.faces.render.Renderer.encodeChildren(Renderer.java:176)
at javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:890)
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1856)
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1859)
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1859)
at com.sun.faces.application.view.FaceletViewHandlingStrategy.renderView(FaceletViewHandlingStrategy.java:458)
at com.sun.faces.application.view.MultiViewHandler.renderView(MultiViewHandler.java:134)
at com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:120)
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
at com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:219)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:659)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:118)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:154)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:150)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1083)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:640)
at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:96)
at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:260)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:94)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:631)
at com.itservicesdepot.befit.master.service.impl.CorporateServiceImpl$$EnhancerByCGLIB$$64cca414.fetchAll(<generated>)
at com.itservicesdepot.befit.master.controller.managedBean.CorporateManageMBean.init(CorporateManageMBean.java:62)
... 90 more
Oct 12, 2016 4:50:00 PM com.sun.faces.context.ExceptionHandlerImpl throwIt
INFO: Exception when handling error trying to reset the response.
com.sun.faces.mgbean.ManagedBeanCreationException: An error occurred performing resource injection on managed bean corporateManageMBean
at com.sun.faces.mgbean.BeanBuilder.invokePostConstruct(BeanBuilder.java:227)
at com.sun.faces.mgbean.BeanBuilder.build(BeanBuilder.java:103)
at com.sun.faces.mgbean.BeanManager.createAndPush(BeanManager.java:409)
at com.sun.faces.mgbean.BeanManager.create(BeanManager.java:269)
at com.sun.faces.el.ManagedBeanELResolver.resolveBean(ManagedBeanELResolver.java:257)
at com.sun.faces.el.ManagedBeanELResolver.getValue(ManagedBeanELResolver.java:117)
at com.sun.faces.el.DemuxCompositeELResolver._getValue(DemuxCompositeELResolver.java:176)
at com.sun.faces.el.DemuxCompositeELResolver.getValue(DemuxCompositeELResolver.java:203)
at org.apache.el.parser.AstIdentifier.getValue(AstIdentifier.java:71)
at org.apache.el.parser.AstValue.getValue(AstValue.java:161)
at org.apache.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:184)
at com.sun.faces.facelets.el.TagValueExpression.getValue(TagValueExpression.java:109)
at javax.faces.component.ComponentStateHelper.eval(ComponentStateHelper.java:194)
at javax.faces.component.ComponentStateHelper.eval(ComponentStateHelper.java:182)
at javax.faces.component.UIOutput.getValue(UIOutput.java:174)
at javax.faces.component.UIInput.getValue(UIInput.java:291)
at org.primefaces.util.ComponentUtils.getValueToRender(ComponentUtils.java:94)
at org.primefaces.util.ComponentUtils.getValueToRender(ComponentUtils.java:58)
at org.primefaces.component.inputtext.InputTextRenderer.encodeMarkup(InputTextRenderer.java:71)
at org.primefaces.component.inputtext.InputTextRenderer.encodeEnd(InputTextRenderer.java:52)
at javax.faces.component.UIComponentBase.encodeEnd(UIComponentBase.java:920)
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1863)
at javax.faces.render.Renderer.encodeChildren(Renderer.java:176)
at javax.faces.component.UIComponentBase.encodeChildren(UIComponentBase.java:890)
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1856)
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1859)
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:1859)
at com.sun.faces.application.view.FaceletViewHandlingStrategy.renderView(FaceletViewHandlingStrategy.java:458)
at com.sun.faces.application.view.MultiViewHandler.renderView(MultiViewHandler.java:134)
at com.sun.faces.lifecycle.RenderResponsePhase.execute(RenderResponsePhase.java:120)
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:101)
at com.sun.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:219)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:659)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:118)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:154)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:150)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:343)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:260)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:442)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1083)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:640)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
Caused by: com.sun.faces.spi.InjectionProviderException
at com.sun.faces.vendor.WebContainerInjectionProvider.invokeAnnotatedMethod(WebContainerInjectionProvider.java:115)
at com.sun.faces.vendor.WebContainerInjectionProvider.invokePostConstruct(WebContainerInjectionProvider.java:95)
at com.sun.faces.mgbean.BeanBuilder.invokePostConstruct(BeanBuilder.java:221)
... 83 more
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at com.sun.faces.vendor.WebContainerInjectionProvider.invokeAnnotatedMethod(WebContainerInjectionProvider.java:113)
... 85 more
Caused by: org.springframework.security.access.AccessDeniedException: Access is denied
at org.springframework.security.access.vote.AffirmativeBased.decide(AffirmativeBased.java:83)
at org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:206)
at org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:60)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:96)
at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:260)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:94)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:631)
at com.itservicesdepot.befit.master.service.impl.CorporateServiceImpl$$EnhancerByCGLIB$$64cca414.fetchAll(<generated>)
at com.itservicesdepot.befit.master.controller.managedBean.CorporateManageMBean.init(CorporateManageMBean.java:62)
... 90 more
Updated with Spring Security
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:tx="http://www.springframework.org/schema/tx"
xsi:schemaLocation="
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.2.xsd">
<!-- Enable method level Spring Security by annotations -->
<sec:global-method-security pre-post-annotations="enabled" />
<sec:http auto-config="true" use-expressions="true">
<sec:access-denied-handler ref="accessDeniedHandler"/>
<!-- Page level Spring Security : Intercept access to resources in /faces/** -->
<sec:intercept-url pattern="/faces/editor/*"
access="hasAnyRole('editor,befit,admin')" />
<sec:intercept-url pattern="/faces/admin/*"
access="hasAnyRole('befit,admin')" />
<sec:intercept-url pattern="/faces/befit/*"
access="hasAnyRole('befit')" />
<sec:intercept-url pattern="/faces/online/*"
access="isAuthenticated()" />
<!-- Page level Spring Security : Intercept access to resources in /WEB-INF/templates/** -->
<sec:intercept-url pattern="/WEB-INF/templates/**"
access="permitAll" />
<!-- Page level Spring Security : Enable Primefaces -->
<sec:intercept-url pattern="/javax.faces.resource/**"
access="permitAll" />
<!-- Define login page for Spring Security -->
<sec:form-login login-page="/login.xhtml" />
<!-- Define logout properties for Spring Security -->
<sec:logout invalidate-session="true" delete-cookies="true"
logout-success-url="/landing.xhtml"></sec:logout>
</sec:http>
<!-- Set customUserDetailsService class as the authentication Manager for
Spring Security -->
<sec:authentication-manager alias="authenticationManager">
<sec:authentication-provider
user-service-ref="authenticationServiceImpl">
<sec:password-encoder hash="plaintext"></sec:password-encoder>
</sec:authentication-provider>
</sec:authentication-manager>
<!-- Inject authentication Manager to masterSecurityBean -->
<bean id="loginMBean" name="loginMBean" class="com.itservicesdepot.befit.master.controller.managedBean.LoginMBean" scope="request">
<property name="authenticationManager" ref="authenticationManager"></property>
</bean>
<bean id="accessDeniedHandler" class="com.itservicesdepot.befit.master.controller.validator.MasterAccessDeniedHandler">
<property name="errorPage" value="/access.xhtml" />
</bean>
</beans>
public class MasterAccessDeniedHandler extends org.springframework.security.web.access.AccessDeniedHandlerImpl {
private final Logger logger = LoggerFactory.getLogger(MasterAccessDeniedHandler.class);
#Override
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
this.logger.info("redirect ");
super.handle(request, response, accessDeniedException);
}
}
Updated with CorporateManageMBean
#PostConstruct
public void init() {
String id = this.getParameterByName(AppConstant.ID);
if (StringUtils.isNotEmpty(id)) {
this.corporate = this.corporateService.fetchById(Long.valueOf(id));
this.header = this.getResourceByName("corporate.profile.label.modify.header");
}
else {
this.corporate = new CorporateEntity();
header = this.getResourceByName("corporate.profile.label.add.header");
}
// this call to corporateService will throw AccessDenied
this.corporates = this.corporateService.fetchAll();
this.packages = this.packageService.fetchAll();
The CorporateService as below
#Service("corporateService")
#Transactional(readOnly = true)
#PreAuthorize("hasAnyRole('befit')")
public class CorporateServiceImpl implements CorporateService {
#Override
public List<CorporateEntity> fetchAll() {
return this.corporateDAO.fetchAll();
}
}
Updated with web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
version="2.5">
<welcome-file-list>
<welcome-file>landing.xhtml</welcome-file>
</welcome-file-list>
<!-- All parameters -->
<context-param>
<param-name>primefaces.THEME</param-name>
<param-value>ultima-indigo</param-value>
</context-param>
<context-param>
<param-name>primefaces.FONT_AWESOME</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>log4jConfigLocation</param-name>
<param-value>/WEB-INF/log4j.xml</param-value>
</context-param>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring/root-context.xml</param-value>
</context-param>
<context-param>
<param-name>facelets.DEVELOPMENT</param-name>
<param-value>true</param-value>
</context-param>
<!-- All defined Listeners -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
</listener>
<!-- All defined Servlets -->
<servlet>
<servlet-name>SpringMVC</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring/root-context.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<!-- Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
<!-- Mapping -->
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>SpringMVC</servlet-name>
<url-pattern>*.action</url-pattern>
</servlet-mapping>
</web-app>

If I'm not mistaken, you gotta use the 'ROLE_' prefix and uppercase characters for your role.
If you just want to give access to one role, use
hasRole('ROLE_BEFIT').
If you want to give access to more than one, use
hasAnyRole('ROLE_BEFIT', 'ROLE_ADMIN').
Check the Spring Security manual, section Common Built-in Expressions.

Comment out <sec:access-denied-handler/> from Spring Security configuration and add following controller advice to handle AcessDeniedException and then redirect to access denied page.
#Component
#ControllerAdvice
public class ControllerBase {
#ExceptionHandler(value = AccessDeniedException.class)
public ModelAndView accessDenied() {
return new ModelAndView("redirect:access.xhtml");
}
}
In your configuration file declare a bean for your AccessDeniedHandler like this:
<http>
<access-denied-handler ref="accessDeniedHandler"/>
</http>
<beans:bean id="accessDeniedHandler" class="com.ia.security.AccessDeniedHandlerImpl">
<beans:property name="errorPage" value="/access.xhtml"/>
</beans:bean>
and then do something like this with your AccessDeniedHandler:
public class AccessDeniedHandlerImpl extends org.springframework.security.web.access.AccessDeniedHandlerImpl {
// SLF4J logger
private static final Logger logger = LoggerFactory.getLogger(AccessDeniedHandlerImpl.class);
#Override
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
logger.log("AccessDeniedException triggered!");
super.handle(request, response, accessDeniedException);
}
}
You are making a basic mistake here.
Use either Access Denied Handler inside XML to redirect to Access Denied Page or redirect from your AccessDeniedException handler. Don't use both.
Remove your AccessDeniedException handler and try then.
Redirection is already done by Access Denied Handler from XML and you are again trying to redirect, which is not possible.

JSF 2 Managed bean concurrent access between logged in users

Basic example to showcase my problem :
Two users A and B connect to the JSF web app from different browsers, and the welcoming page shows their documents and a search panel.
Both of them want to search for documents using a word or sentence.
(for instance) A wants to search for the word "sheets" and B wants to search for the word "virus".
They write down the word in the form input and they simultaneously submit the form.
A gets the result of her search, while B suddenly gets also the same result as A with a word he didn't type which is "sheets".
Here's my managedBean :
#ManagedBean
#RequestScoped
public class DocumentController implements Serializable {
private String motSearch= null;
private boolean searching = false;
private boolean rechercheStructure = true;
private DocumentDao dao; //Dependency injection with Spring
public void onload(Utilisateur user)
{
if(!searching)
{
motSearch = null;
documentsListForConnectedUser(user);
}
else{
search(user);
}
}
public void search(Utilisateur user)
{
documentsListForConnectedUser(user);// getting documents list from database
searching = true;
List<Document> list = new ArrayList<>();
list.addAll(user.getDocuments());
user.setDocuments(new ArrayList<>());
//...
if(motSearch != null && !motSearch.isEmpty())
{
LOGGER.info("motSearch : "+motSearch.toLowerCase());
List<Document> docs = user.getDocuments();
for(Document doc : list)
{
if(!docs.contains(doc) && (doc.getNom().toLowerCase().contains(motSearch.toLowerCase()) ||
doc.getDescription().toLowerCase().contains(motSearch.toLowerCase()) ||
doc.getTheme().toLowerCase().contains(motSearch.toLowerCase()) ||
doc.getKeywords().contains(motSearch.toLowerCase())))
{
docs.add(doc);
}
}
docs = filter(docs);
if(docs.size() == 0)
{
user.setDocuments(null);
}
}
else
{
user.setDocuments(list);
}
}
}
The JSF page ListeDocuments.xhtml :
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://xmlns.jcp.org/jsf/html"
xmlns:f="http://xmlns.jcp.org/jsf/core"
xmlns:p="http://primefaces.org/ui">
<h:head>
<f:metadata>
<f:viewParam name="searching" value="#{documentController.searching}" />
<f:viewParam name="structure" value="#{documentController.rechercheStructure}"/>
<f:viewParam name="q" value="#{documentController.motSearch}"/>
<f:viewAction action="#{documentController.onload(user)}"/>
</f:metadata>
</h:head>
<h:body>
<h:form id="myForm" prependId="false" >
<h:inputHidden value="true" id="searching"/>
<div class="center">
<h:selectOneRadio converter="javax.faces.Boolean"
value="#{documentController.rechercheStructure}" onchange="check()" id="structure">
<f:selectItem itemLabel="Recherche structurée" itemValue="true" />
<f:selectItem itemLabel="Recherche plein texte" itemValue="false" />
</h:selectOneRadio>
</div>
<div class="row">
<div class="input-field col s12 m7 l8">
<p:inputTextarea styleClass="materialize-textarea" id="q" value="#{documentController.motSearch}"/>
<label for="q">Mot/phrase à chercher</label>
</div>
</div>
<p:commandButton styleClass="btn blue-grey" update=":table"
type="submit" value="Chercher"
action="ListeDocuments?faces-redirect=true&includeViewParams=true" />
</h:form>
<p:dataTable id="table" tableStyleClass="hoverable striped" rows="10" paginator="true"
value="#{user.documents}" var="doc"
paginatorPosition="bottom" paginatorAlwaysVisible="false" styleClass="borderless">
<!--Columns-->
</p:dataTable>
</h:body>
</html>
My web.xml :
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
http://xmlns.jcp.org/xml/ns/javaee/web-app_3_0.xsd"
id="WebApp_ID" version="3.0">
<welcome-file-list>
<welcome-file>index.xhtml</welcome-file>
</welcome-file-list>
<session-config>
<tracking-mode>COOKIE</tracking-mode>
</session-config>
<filter>
<filter-name>PrimeFaces FileUpload Filter</filter-name>
<filter-class>org.primefaces.webapp.filter.FileUploadFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>PrimeFaces FileUpload Filter</filter-name>
<servlet-name>Faces Servlet</servlet-name>
</filter-mapping>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.faces</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
<error-page>
<error-code>404</error-code>
<location>/404.html</location>
</error-page>
<error-page>
<error-code>500</error-code>
<location>/serverError.xhtml</location>
</error-page>
<error-page>
<exception-type>java.lang.Exception</exception-type>
<location>/serverError.xhtml</location>
</error-page>
<!-- Add Support for Spring -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>WEB-INF/applicationContext.xml</param-value>
</context-param>
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
<listener>
<listener-class>
org.springframework.web.context.request.RequestContextListener
</listener-class>
</listener>
<context-param>
<param-name>primefaces.THEME</param-name>
<param-value>none</param-value>
</context-param>
<context-param>
<param-name>javax.faces.FACELETS_SKIP_COMMENTS</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>javax.faces.INTERPRET_EMPTY_STRING_SUBMITTED_VALUES_AS_NULL</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Development</param-value>
</context-param>
</web-app>
faces-config.xml file :
<?xml version='1.0' encoding='UTF-8'?>
<faces-config version="2.2" xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee
http://xmlns.jcp.org/xml/ns/javaee/web-facesconfig_2_2.xsd">
<application>
<el-resolver>
org.springframework.web.jsf.el.SpringBeanFacesELResolver
</el-resolver>
</application>
PS : I'm using :
Mojarra 2.2.9 JSF implementation.
Apache Tomcat 7 server with Servlet 3.0.
Spring but I only use it to inject interface implementations like DAOs.
Hibernate 4/JPA as ORM.
Since I needed to use Omnifaces 2.4 library for its converters I was obliged to integrate CDI (weld-servlet-2.3.5 final) and create an empty beans.xml (guidelines from BalusC blog), and I don't use any of its annotations in my managedBeans.
The only annotations I use are #ManagedBean and #xxxxScoped from javax.faces.bean and sometimes #PostConstruct.
Finally Primefaces 6.0
Any help is appreciated !

redirect in Spring MVC with AngularJS

I am newer in the angularJS. I'm working with spring mvc 3.1.1.RELEASE and tiles 2.2.2.
I want to display a hosts' list of client in the second page.
There's where I'm at:
client.jsp :
[...]
<table class="table table-bordered table-striped">
<thead>
<tr>
<th scope="col"><spring:message code="clients.name" /></th>
<th scope="col"><spring:message code="clients.email" /></th>
<th scope="col"></th>
</tr>
</thead>
<tbody>
<tr ng-repeat="client in page.source">
<td class="tdClientsCentered">
<input type="hidden" value="{{client.id}}" />
<a href="<c:url value='/protected/hosts/{{client.id}}'/>" >
{{client.name}}
</a>
</td>
<td class="tdClientsCentered">{{client.email}} </td>
</tr>
</tbody>
</table>
[...]
So when the user click in the link (user) the page of "hostsList" will display.
hosts.jsp :
<div class="row-fluid" ng-controller="hostsController">
[...]
<div>
<table class="table table-bordered table-striped">
<thead>
<tr>
<th scope="col"><spring:message code="host.name" /></th>
</tr>
</thead>
<tbody>
<tr ng-repeat="host in hosts">
<td class="tdHostsCentered"><input type="hidden" value="{{host.id}}" /> {{host.name}} - {{host.addressip}}</td>
</tr>
</tbody>
</table>
</div>
[...]
tiles.xml:
<definition name="master.page" template="/public/template/master.jsp">
<put-attribute name="header" value="/public/template/header.jsp" />
<put-attribute name="footer" value="/public/template/footer.jsp" />
</definition>
<definition name="hostsList" extends="master.page">
<put-attribute name="body" value="/protected/hosts/hosts.jsp" />
</definition>
HostsController.java
#RequestMapping(value = "/{id}", method = RequestMethod.GET, produces = "application/json")
public ModelAndView listAll(#PathVariable("id") int id, #RequestParam(required = false, defaultValue = DEFAULT_PAGE_DISPLAYED_TO_USER) int page,Locale locale) {
createListAllResponse(page, locale, id);
ModelAndView modelAndview = new ModelAndView("hostsList");
HostListVO hostListVO = hostService.findAll(page, maxResults, id);
modelAndview.addObject(hostListVO);
return modelAndview;
}
hosts.js
"user strict";
function getParameterByName(name) {
name = name.replace(/[\[]/, "\\[").replace(/[\]]/, "\\]");
var regex = new RegExp("[\\?&]" + name + "=([^&#]*)"),
results = regex.exec(location.search);
return results == null ? "" : decodeURIComponent(results[1].replace(/\+/g, " "));
}
km.app = angular.module('km', []);
angular.element(document).ready(function () {
var app = document.getElementById('km');
angular.bootstrap(app, ['km']);
});
km.app.service('Utils', function ($http, $q) {
var self = this;
});
function GlobalCtrl($scope, $location, GlobalSettings, $http, $routeParams, $timeout, Utils) {
}
km.app.controller('hostCtrl', ['$scope', 'Utils', function ($scope, Utils) {
$scope.hosts = [];
var dataset = [];
try {
Utils.GetValidations(getParameterByName('id')).then(function (data) {
$scope.hosts = data.hosts;
});
} catch (err) {
alert(err);
}
} ]);
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd ">
<!-- Spring servlet that will handle the requests -->
<servlet>
<servlet-name>dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring/spring.xml</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<!-- Map all requests to the DispatcherServlet for handling -->
<servlet-mapping>
<servlet-name>dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>
<!-- Spring basic configuration -->
<!-- Bootstraps the root web application context before servlet initialization -->
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<!-- needed for ContextLoaderListener -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/spring/spring.xml</param-value>
</context-param>
<!-- Spring security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<!-- Encoding helper filter -->
<filter>
<filter-name>encodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>forceEncoding</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>encodingFilter</filter-name>
<servlet-name>dispatcher</servlet-name>
</filter-mapping>
<!-- Encoding utility -->
<jsp-config>
<jsp-property-group>
<url-pattern>*.jsp</url-pattern>
<page-encoding>UTF-8</page-encoding>
<trim-directive-whitespaces>true</trim-directive-whitespaces>
</jsp-property-group>
</jsp-config>
</web-app>
I get :
javax.servlet.ServletException: Could not resolve view with name 'hostsList' in servlet with name 'dispatcher'
org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1204)
org.springframework.web.servlet.DispatcherServlet.processDispatchResult(DispatcherServlet.java:1005)
org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:952)
org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:870)
org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:961)
org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:852)
javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:837)
javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:88)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:330)
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:118)
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:154)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:150)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:199)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:110)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:50)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:344)
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:261)
Any help would be appreciated.

in your host controller try
ModelAndView modelAndview = new ModelAndView("/hostsList"); instead of just "hostList"

The spring bean is not injected if I call a method in the post-constructed class

I am doing a spring bean injection to my jsf managed bean property for which am getting the above mentioned error. The following is the full stack trace:
SEVERE: Error Rendering View[/sample.xhtml]
javax.faces.FacesException: Could not retrieve value of component with path : {Component-Path : [Class: javax.faces.component.UIViewRoot,ViewId: /sample.xhtml][Class: javax.faces.component.html.HtmlForm,Id: j_id1848100722_6e27c746][Class: javax.faces.component.html.HtmlBody,Id: j_id1848100722_6e27c740][Class: javax.faces.component.html.HtmlInputText,Id: j_id1848100722_6e27c7f4]}
at org.apache.myfaces.shared_impl.renderkit.RendererUtils.getValue(RendererUtils.java:347)
at org.apache.myfaces.shared_impl.renderkit.RendererUtils.getStringValue(RendererUtils.java:291)
at org.apache.myfaces.shared_impl.renderkit.html.HtmlTextRendererBase.renderInputBegin(HtmlTextRendererBase.java:169)
at org.apache.myfaces.shared_impl.renderkit.html.HtmlTextRendererBase.renderInput(HtmlTextRendererBase.java:158)
at org.apache.myfaces.shared_impl.renderkit.html.HtmlTextRendererBase.encodeEnd(HtmlTextRendererBase.java:75)
at javax.faces.component.UIComponentBase.encodeEnd(UIComponentBase.java:519)
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:618)
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:614)
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:614)
at javax.faces.component.UIComponent.encodeAll(UIComponent.java:614)
at org.apache.myfaces.view.facelets.FaceletViewDeclarationLanguage.renderView(FaceletViewDeclarationLanguage.java:1159)
at org.apache.myfaces.application.ViewHandlerImpl.renderView(ViewHandlerImpl.java:263)
at org.apache.myfaces.lifecycle.RenderResponseExecutor.execute(RenderResponseExecutor.java:85)
at org.apache.myfaces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:239)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:191)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:225)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1001)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:579)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
at java.lang.Thread.run(Thread.java:722)
Caused by: javax.faces.FacesException: java.lang.reflect.InvocationTargetException
at org.apache.myfaces.config.ManagedBeanBuilder.buildManagedBean(ManagedBeanBuilder.java:228)
at org.apache.myfaces.el.unified.resolver.ManagedBeanResolver.createManagedBean(ManagedBeanResolver.java:303)
at org.apache.myfaces.el.unified.resolver.ManagedBeanResolver.getValue(ManagedBeanResolver.java:266)
at javax.el.CompositeELResolver.getValue(CompositeELResolver.java:67)
at org.apache.myfaces.el.unified.resolver.FacesCompositeELResolver.getValue(FacesCompositeELResolver.java:142)
at org.apache.myfaces.el.VariableResolverImpl.resolveVariable(VariableResolverImpl.java:65)
at org.apache.myfaces.el.convert.VariableResolverToELResolver.getValue(VariableResolverToELResolver.java:96)
at javax.el.CompositeELResolver.getValue(CompositeELResolver.java:67)
at org.apache.myfaces.el.unified.resolver.FacesCompositeELResolver.getValue(FacesCompositeELResolver.java:142)
at org.apache.el.parser.AstIdentifier.getValue(AstIdentifier.java:72)
at org.apache.el.parser.AstValue.getValue(AstValue.java:147)
at org.apache.el.ValueExpressionImpl.getValue(ValueExpressionImpl.java:189)
at org.apache.myfaces.view.facelets.el.TagValueExpression.getValue(TagValueExpression.java:85)
at javax.faces.component._DeltaStateHelper.eval(_DeltaStateHelper.java:243)
at javax.faces.component.UIOutput.getValue(UIOutput.java:71)
at javax.faces.component.UIInput.getValue(UIInput.java:143)
at org.apache.myfaces.shared_impl.renderkit.RendererUtils.getValue(RendererUtils.java:343)
... 30 more
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at org.apache.catalina.core.DefaultInstanceManager.postConstruct(DefaultInstanceManager.java:212)
at org.apache.catalina.core.DefaultInstanceManager.newInstance(DefaultInstanceManager.java:154)
at org.apache.catalina.core.DefaultInstanceManager.newInstance(DefaultInstanceManager.java:146)
at org.apache.myfaces.config.annotation.Tomcat7AnnotationLifecycleProvider.newInstance(Tomcat7AnnotationLifecycleProvider.java:68)
at org.apache.myfaces.config.ManagedBeanBuilder.buildManagedBean(ManagedBeanBuilder.java:162)
... 46 more
Caused by: java.lang.NullPointerException
at common.beans.StartBean.fillTable(StartBean.java:35)
... 55 more
My web xml is the following:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
<display-name>testjsf</display-name>
<welcome-file-list>
<welcome-file>sample.xhtml</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
<context-param>
<param-name>javax.servlet.jsp.jstl.fmt.localizationContext</param-name>
<param-value>resources.application</param-value>
</context-param>
<context-param>
<param-name>org.apache.myfaces.SERIALIZE_STATE_IN_SESSION</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<description>State saving method: 'client' or 'server' (=default). See JSF Specification 2.5.2</description>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>client</param-value>
</context-param>
<context-param>
<param-name>org.apache.myfaces.ALLOW_JAVASCRIPT</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>org.apache.myfaces.PRETTY_HTML</param-name>
<param-value>true</param-value>
</context-param>
<context-param>
<param-name>org.apache.myfaces.DETECT_JAVASCRIPT</param-name>
<param-value>false</param-value>
</context-param>
<context-param>
<param-name>org.apache.myfaces.AUTO_SCROLL</param-name>
<param-value>true</param-value>
</context-param>
<listener>
<listener-class>org.apache.myfaces.webapp.StartupServletContextListener</listener- class>
</listener>
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
</web-app>
My application context is the following:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-2.5.xsd">
<bean id="springb" class="common.springbeans.Springbean">
</bean>
</beans>
My faces-config is the following:
<?xml version="1.0" encoding="UTF-8"?>
<faces-config
xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-facesconfig_2_0.xsd"
version="2.0">
<managed-bean>
<managed-bean-name>userbean</managed-bean-name>
<managed-bean-class>common.beans.StartBean</managed-bean-class>
<managed-bean-scope>view</managed-bean-scope>
<managed-property>
<property-name>ispringBeans</property-name>
<value>#{springb}</value>
</managed-property>
</managed-bean>
<application>
<el-resolver>
org.springframework.web.jsf.el.SpringBeanFacesELResolver
</el-resolver>
</application>
</faces-config>
The jars I included are the following:
Lastly this is the piece of code where I am trying to inject:
public class StartBean implements Serializable{
/**
*
*/
private static final long serialVersionUID = 1L;
private String value;
private boolean val;
private ArrayList<TestModel> list;
private TestModel tm;
private IDataFillBean bean;
private IspringBeans ispringBeans;
#PostConstruct
public void fillTable(){
setList(new ArrayList<TestModel>(0));
list = (ArrayList<TestModel>) ispringBeans.fillDatamodel();
}
}
It seems a direct injection. Am I missing anything here?
Please guide me. Thanks in advance.
EDIT: Now, I removed #postConstruct annotation from the class fillTable, called fillTable from "action" of commandButton and this exception goes off, Does this mean during #postConstruct method call the spring bean still wont be injected into the properties?

I have tested with a new application with new eclipse juno having mojarra and it seem to work fine. So the problem turns out to be Myfaces.

PrimePush chat is not working

my target is on page load to subscribe two users in chat (teacher and student), and they can send messages to each others, so here's what i did:
1- BackingBean:
package com.myapp.beans;
import org.primefaces.context.RequestContext;
import org.primefaces.push.PushContext;
import org.primefaces.push.PushContextFactory;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Component;
import com.ocpsoft.pretty.faces.annotation.URLMapping;
import com.xeno.xenoTemplate.utils.constants.Pages;
#Component("chatBean")
#Scope("view")
#URLMapping(id = Pages.CHAT, pattern = "/chat", viewId = "/faces/pages/users/chat.xhtml")
public class ChatView {
private final PushContext pushContext = PushContextFactory.getDefault()
.getPushContext();
private String privateMessage;
private String privateUser;
private final static String CHANNEL = "/chat/";
private String student = "student";
private String teacher = "teacher";
private boolean pageLoaded;
private boolean studentLoggedIn;
private boolean teacherLoggedIn;
public void preRender() {
System.out.println("########### preRender CHAT BEAN #########");
if (!pageLoaded) { // invoked first time page loaded
System.out.println("########### Invoking PreRender Code #########");
if (!studentLoggedIn) {
System.out.println("########## STUDENT LOG IN ##########");
RequestContext.getCurrentInstance().execute(
"subscriber.connect('/" + student + "')");
studentLoggedIn = true;
}
if (!teacherLoggedIn) {
System.out.println("########## TEACHER LOG IN ##########");
RequestContext.getCurrentInstance().execute(
"subscriber.connect('/" + teacher + "')");
teacherLoggedIn = true;
}
pageLoaded = true;
}
}
public void sendPrivate() {
System.out.println("######### SEND PRIVATE ##########");
pushContext.push(CHANNEL + privateUser, "[PM] " + "PRIVATE" + ": "
+ privateMessage);
privateMessage = null;
}
public void setTeacher(String teacher) {
this.teacher = teacher;
}
public String getTeacher() {
return teacher;
}
public void setStudent(String student) {
this.student = student;
}
public String getStudent() {
return student;
}
public void setStudentLoggedIn(boolean studentLoggedIn) {
this.studentLoggedIn = studentLoggedIn;
}
public boolean isStudentLoggedIn() {
return studentLoggedIn;
}
public void setTeacherLoggedIn(boolean teacherLoggedIn) {
this.teacherLoggedIn = teacherLoggedIn;
}
public boolean isTeacherLoggedIn() {
return teacherLoggedIn;
}
public String getPrivateUser() {
return privateUser;
}
public void setPrivateUser(String privateUser) {
this.privateUser = privateUser;
}
public String getPrivateMessage() {
return privateMessage;
}
public void setPrivateMessage(String privateMessage) {
this.privateMessage = privateMessage;
}
}
and in the JSF page:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:ice="http://www.icesoft.com/icefaces/component"
xmlns:p="http://primefaces.org/ui"
xmlns:pretty="http://ocpsoft.com/prettyfaces"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:sec="http://www.springframework.org/security/tags"
xmlns:c="http://java.sun.com/jsp/jstl/core">
<h:head>
<title>Chat</title>
</h:head>
<h:body>
<ui:composition template="/pages/template/commonLayout.xhtml">
<ui:define name="content">
<f:event type="preRenderView" listener="#{chatBean.preRender}" />
<h:form id="form">
<p:fieldset id="container" legend="PrimeChat" toggleable="true">
<h:panelGroup>
<h:panelGrid columns="2" columnClasses="publicColumn,usersColumn"
style="width:400px;">
<p:outputPanel style="height: 100px;" id="public" layout="block"
styleClass="ui-corner-all ui-widget-content chatlogs" />
<h:panelGroup id="users" styleClass="usersList">
<p:commandButton id="private_send" title="Chat" icon="ui-icon-comment"
oncomplete="pChat.show()" update=":form:privateChatContainer">
<f:setPropertyActionListener value="#{chatBean.student}"
target="#{chatBean.privateUser}" />
</p:commandButton>
#{chatBean.student}
</h:panelGroup>
</h:panelGrid>
</h:panelGroup>
</p:fieldset>
<!-- Private Chat Dialog -->
<p:dialog widgetVar="pChat" header="Private Chat" modal="true"
showEffect="fade" hideEffect="fade">
<h:panelGrid id="privateChatContainer" columns="2"
columnClasses="vtop,vtop">
<p:outputLabel for="pChatInput"
value="To: #{chatBean.privateUser}" />
<p:inputTextarea id="pChatInput"
value="#{chatBean.privateMessage}" rows="5" cols="30" />
<p:spacer />
<p:commandButton value="Send"
actionListener="#{chatBean.sendPrivate}"
oncomplete="pChat.hide()" />
</h:panelGrid>
</p:dialog>
</h:form>
<p:socket onMessage="handleMessage" channel="/chat"
autoConnect="false" widgetVar="subscriber" />
<script type="text/javascript">
function handleMessage(data) {
alert('handleMessage');
var chatContent = $(PrimeFaces
.escapeClientId('form:public'));
chatContent.append(data + '<br />');
chatContent.scrollTop(chatContent.height());
}
</script>
</ui:define>
</ui:composition>
</h:body>
</html>
web.xml:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<display-name>MyAPP</display-name>
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
<listener>
<listener-class>
org.springframework.web.context.request.RequestContextListener
</listener-class>
</listener>
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>
classpath:META-INF/spring/applicationContext.xml
classpath:META-INF/spring/applicationSecurity.xml
</param-value>
</context-param>
<context-param>
<param-name>javax.faces.FACELETS_LIBRARIES</param-name>
<param-value>
/WEB-INF/springsecurity.taglib.xml;/WEB-INF/utils.taglib.xml
</param-value>
</context-param>
<context-param>
<param-name>javax.faces.FACELETS_SKIP_COMMENTS</param-name>
<param-value>false</param-value>
</context-param>
<!-- -->
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Development</param-value>
</context-param>
<welcome-file-list>
<welcome-file>/</welcome-file>
</welcome-file-list>
<context-param>
<description>State saving method: 'client' or 'server' (=default). See JSF Specification 2.5.2</description>
<param-name>javax.faces.STATE_SAVING_METHOD</param-name>
<param-value>server</param-value>
</context-param>
<context-param>
<param-name>javax.servlet.jsp.jstl.fmt.localizationContext</param-name>
<param-value>resources.application</param-value>
</context-param>
<filter>
<filter-name>hibernateFilter</filter-name>
<filter-class>org.springframework.orm.hibernate4.support.OpenSessionInViewFilter</filter-class>
<init-param>
<param-name>sessionFactoryBeanName</param-name>
<param-value>sessionFactory</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>hibernateFilter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
<!-- Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>
org.springframework.web.filter.DelegatingFilterProxy
</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
<!--
<filter>
<filter-name>Pretty Filter</filter-name>
<filter-class>com.ocpsoft.pretty.PrettyFilter</filter-class>
<init-param>
<param-name>logLevel</param-name>
<param-value>ERROR</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>Pretty Filter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>FORWARD</dispatcher>
<dispatcher>REQUEST</dispatcher>
<dispatcher>ERROR</dispatcher>
</filter-mapping>
-->
<session-config>
<session-timeout>30</session-timeout>
</session-config>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<error-page>
<exception-type>java.lang.Throwable</exception-type>
<location>/error</location>
</error-page>
<error-page>
<error-code>400</error-code>
<location>/error</location>
</error-page>
<error-page>
<error-code>404</error-code>
<location>/pageNotFound</location>
</error-page>
<!-- PrimePush Servlet -->
<servlet>
<servlet-name>Push Servlet</servlet-name>
<servlet-class>org.primefaces.push.PushServlet</servlet-class>
<load-on-startup>1</load-on-startup>
<init-param>
<param-name>org.atmosphere.cpr.broadcasterCacheClass</param-name>
<param-value>org.atmosphere.cache.HeaderBroadcasterCache</param-value>
</init-param>
<init-param>
<param-name>org.atmosphere.cpr.broadcasterClass</param-name>
<param-value>org.atmosphere.cpr.DefaultBroadcaster</param-value>
</init-param>
<init-param>
<param-name>org.atmosphere.cpr.broadcastFilterClasses</param-name>
<param-value>org.atmosphere.client.TrackMessageSizeFilter</param-value>
</init-param>
<init-param>
<param-name>org.atmosphere.cpr.sessionSupport</param-name>
<param-value>true</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>Push Servlet</servlet-name>
<url-pattern>/primepush/*</url-pattern>
</servlet-mapping>
</web-app>
i am using the following jars:
JSF 2.1.10
PrimeFaces 4.0-SNAPSHOT
Tomcat 7.0.32
atmosphere-runtime 1.0.1
HEADERS
Request URL:http://localhost:8080/MyAPP/chat
Request Method:POST
Status Code:200 OK
Request Headersview source
Accept:application/xml, text/xml, */*; q=0.01
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
Content-Length:282
Content-Type:application/x-www-form-urlencoded; charset=UTF-8
Cookie:JSESSIONID=2BB4298A4E291CCCBB80EE3A4A5624BC
Faces-Request:partial/ajax
Host:localhost:8080
Origin:http://localhost:8080
Referer:http://localhost:8080/PrimeTemplate/chat
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.47 Safari/536.11
X-Requested-With:XMLHttpRequest
Form Dataview URL encoded
javax.faces.partial.ajax:true
javax.faces.source:form:j_idt31
javax.faces.partial.execute:#all
form:j_idt31:form:j_idt31
form:form
form:j_idt24:
form:container_collapsed:false
form:pChatInput:aaaaaaaaaaaa
javax.faces.ViewState:5079906166114901626:-433970771510989466
Response Headersview source
Cache-Control:no-cache
Content-Length:190
Content-Type:text/xml;charset=UTF-8
Date:Thu, 18 Oct 2012 10:40:04 GMT
Server:Apache-Coyote/1.1
X-Powered-By:JSF/2.0
RESPONSE:
<?xml version='1.0' encoding='UTF-8'?>
<partial-response><changes><update id="javax.faces.ViewState"><![CDATA[5079906166114901626:-433970771510989466]]></update></changes></partial-response>
ISSUE:
i can open the chat window for the student and type a chat message then press enter, the code gets in the sendPrivate bean method, but the JS handleMessage function is not called and hence the private message is not displayed in the JSF page, i get no errors in browser console.
please advise how to fix that.

Try to add following jars to your lib folder (if you havent already done that):
atmosphere-compat-tomcat-1.0.1.jar
atmosphere-compat-tomcat7-1.0.1.jar
Also have in mind that if you are connected as STUDENT to the "student" channel and if you are pushing message to "teacher" channel, only teacher's channel will receive a message.
To test your chat, you need to login as student in one browser and as teacher in another browser. In this case, when you push message as student to the teacher in one browser, teacher in another browser will receive the message.