Hi I finally committed a solution for this issue, and other cool optimizations in MYFACES-3117. I'll going to explain below which changes were done.
Now there exists a class called org.apache.myfaces.application.StateCache<K, V>, to delegate all logic related to state storing/retrieving in a cleaner way. Additionally a factory class org.apache.myfaces.application.StateCacheFactory is available, to provide alternate implementations in the future. Two new params were added for server side stuff: /** * Only applicable if state saving method is "server" (= default). * Indicates the amount of views (default is not active) that should be stored in session between sequential * POST or POST-REDIRECT-GET if org.apache.myfaces.USE_FLASH_SCOPE_PURGE_VIEWS_IN_SESSION is true. * <p>For example, if this param has value = 2 and in your custom webapp there is a form that is clicked 3 times, only 2 views * will be stored and the third one (the one stored the first time) will be removed from session, even if the view can * store more sessions org.apache.myfaces.NUMBER_OF_VIEWS_IN_SESSION. This feature becomes useful for multi-window applications. * where without this feature a window can swallow all view slots so the other ones will throw ViewExpiredException.</p> */ @JSFWebConfigParam(since="2.0.6") private static final String NUMBER_OF_SEQUENTIAL_VIEWS_IN_SESSION_PARAM = "org.apache.myfaces.NUMBER_OF_SEQUENTIAL_VIEWS_IN_SESSION"; /** * Only applicable if state saving method is "server" (= default). * Allow use flash scope to keep track of the views used in session and the previous ones, * so server side state saving can delete old views even if POST-REDIRECT-GET pattern is used. * The default value is false. */ @JSFWebConfigParam(since="2.0.6", defaultValue="false", expectedValues="true, false") private static final String USE_FLASH_SCOPE_PURGE_VIEWS_IN_SESSION = "org.apache.myfaces.USE_FLASH_SCOPE_PURGE_VIEWS_IN_SESSION"; Finally I founded a way to support POST-Redirect-GET pattern using flash scope. By default, these two params are disabled. Other optimizations that will reduce memory usage were done: - Don't trigger session creation if state is not written on facelets. - Don't use a buffer to write the state token when server side state saving is used, because after all it is not necessary. I think with these changes we can solve MYFACES-3117. With this code, we have a solid foundation to continue investigating how to solve the window-id problem. Suggestions are welcome. Leonardo Uribe