I have tried in both Firefox and IE and got the same behavior. I have also tried to specifically set an entry 'localhost' in the Chrome 'Manage Exceptions' setting. This is because the webapp url is just at http://localhost:<port>/. Setting cookie domain to 'localhost' also does not make any difference.
I am now wondering if this has something to do with my login page or other configurations. The login page is as below: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" " http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";> <html xmlns="http://www.w3.org/1999/xhtml"; xmlns:ui="http://java.sun.com/jsf/facelets"; xmlns:h="http://java.sun.com/jsf/html"; xmlns:f="http://java.sun.com/jsf/core"; xmlns:t="http://myfaces.apache.org/tomahawk";> <f:view> <f:loadBundle basename="queryClient_en_AU" var="qry"/> <ui:composition template="/template/main.xhtml"> <ui:define name="main"> <div align="center"> <t:div styleClass="errorDiv" rendered="#{utilsBean.hasMessage('loginerror')}"> <h:message id="loginerror" for="loginerror" styleClass="errorStyle"/> </t:div> <h:form> <t:panelGrid id="login" columns="3"> <h:outputLabel for="Username" value="Username"/> <h:inputText id="Username" styleClass="logstyle" value="#{ user.name}" size="20" required="true"/> <h:message for="Username" styleClass="errorText"/> <h:outputLabel for="Username" value="Password"/> <h:inputSecret id="pass" styleClass="logstyle" size="20" value="#{user.password}" required="true"/> <h:commandButton id="idlog" value="Login" action="#{user.login}" styleClass="logbutton"/> </t:panelGrid> </h:form> </div> </ui:define> </ui:composition> </f:view> </html> Any thought ? On Tue, Nov 24, 2015 at 2:58 PM, Kito Mann <[email protected]> wrote: > Hmmm... it does look like a browser issue. If you click Manage Exceptions > for cookies in Chrome, is this site listed? Have you tried with another > browser? > > ___ > > Kito D. Mann | @kito99 | Author, JSF in Action > Web Components, Polymer, JSF, PrimeFaces, Java EE, and Liferay training > and consulting > Virtua, Inc. | http://www.virtua.com | > http://www.JSFCentral.com | @jsfcentral > +1 203-998-0403 > > * Listen to the Enterprise Java Newscast: *http:// > <http://blogs.jsfcentral.com/JSFNewscast/>enterprisejavanews.com > <http://ww.enterprisejavanews.com>* > > > On Mon, Nov 23, 2015 at 10:53 PM, Jojada Tirtowidjojo <[email protected]> > wrote: > >> Just giving more info. >> >> The ViewExpiredException is caused by the missing >> SerializedViewCollection object in the session as the code execution >> reaches line 338 of the ServerSideStateCacheImpl class >> >> protected Object getSerializedViewFromServletSession(FacesContext >> context, String viewId, Object sequence) >> { >> ExternalContext externalContext = context.getExternalContext(); >> Map<Object, Object> attributeMap = context.getAttributes(); >> Object serializedView = null; >> if >> (attributeMap.containsKey(RESTORED_SERIALIZED_VIEW_REQUEST_ATTR)) >> { >> serializedView = >> attributeMap.get(RESTORED_SERIALIZED_VIEW_REQUEST_ATTR); >> } >> else >> { >> 338: SerializedViewCollection viewCollection = >> (SerializedViewCollection) externalContext >> .getSessionMap().get(SERIALIZED_VIEW_SESSION_ATTR); >> if (viewCollection != null) >> { >> if (sequence != null) >> { >> Object state = viewCollection.get( >> >> getSessionViewStorageFactory().createSerializedViewKey( >> context, viewId, sequence)); >> if (state != null) >> { >> serializedView = deserializeView(state); >> } >> } >> } >> attributeMap.put(RESTORED_SERIALIZED_VIEW_REQUEST_ATTR, >> serializedView); >> >> Could this possibly be caused by the cookie session setting that isn't >> working correctly ? >> >> The cookie setting in my web.xml is: >> <session-config> >> <session-timeout>240</session-timeout> >> <cookie-config> >> <http-only>true</http-only> >> <secure>true</secure> >> </cookie-config> >> <tracking-mode>COOKIE</tracking-mode> >> </session-config> >> >> When I first visit the login page, the Http Response Headers from the >> server is >> >> 1. HTTP/1.1 200 OK Date: Tue, 24 Nov 2015 02:24:22 GMT Set-Cookie: >> JSESSIONID=11cp2c2bxz66fgyqfso1mrcgw;Path=/TeraTextRS;Secure;HttpOnly >> Expires: Thu, 01 Jan 1970 00:00:00 GMT Content-Type: >> text/html;charset=utf-8 Transfer-Encoding: chunked Server: >> Jetty(9.3.6.v20151106) >> >> I can see the 'Set-Cookie' header is set by the server. >> However, when I submit the login form, the Http Request Headers from the >> client is: >> >> 1. POST /TeraTextRS/pages/login.rs HTTP/1.1 Host: localhost:7620 >> Connection: keep-alive Content-Length: 157 Cache-Control: max-age=0 >> Accept: >> text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 >> Origin: http://localhost:7620 Upgrade-Insecure-Requests: 1 >> User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 >> (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36 Content-Type: >> application/x-www-form-urlencoded DNT: 1 Referer: >> http://localhost:7620/TeraTextRS/pages/login.rs >> Accept-Encoding >> <http://localhost:7620/TeraTextRS/pages/login.rsAccept-Encoding>: >> gzip, deflate Accept-Language: en-US,en;q=0.8 >> >> There isn't 'Cookie' header in the request. >> The client is Chrome and I have already set its Cookies setting to 'Allow >> local data to be set'. >> >> The fact that the request header does not have 'Cookie' header set has >> bothered me. >> >> Your help is very much appreciated. >> >> Jo.- >> >> On Tue, Nov 24, 2015 at 2:33 PM, Jojada Tirtowidjojo <[email protected]> >> wrote: >> >>> Hi All, >>> >>> I am new to JSF and Myfaces and need answers or pointers that can help >>> me fix the problem I am currently having. Would you please help ? >>> >>> My application embeds a Jetty 9.3.6 server and uses the Apache MyFaces >>> 2.2.8. It runs well with the Jetty default session tracking modes: URL and >>> COOKIE but a problem arises when I change the tracking mode to 'COOKIE' >>> only. As soon as I submit login details from the login page I receive the >>> following exception: >>> >>> javax.faces.application.ViewExpiredException: /pages/login.rs - No saved >>> view state could be found for the view identifier: /pages/login.rs >>> at >>> org.apache.myfaces.lifecycle.RestoreViewExecutor.execute(RestoreViewExecutor.java:183) >>> at >>> org.apache.myfaces.lifecycle.LifecycleImpl.executePhase(LifecycleImpl.java:196) >>> at >>> org.apache.myfaces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:143) >>> at javax.faces.webapp.FacesServlet.service(FacesServlet.java:198) >>> at >>> org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:821) >>> at >>> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1685) >>> at >>> org.apache.myfaces.webapp.filter.ExtensionsFilter.doFilter(ExtensionsFilter.java:357) >>> at >>> org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668) >>> at >>> org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:581) >>> at >>> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) >>> at >>> org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548) >>> at >>> org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226) >>> at >>> org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1158) >>> at >>> org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:511) >>> at >>> org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) >>> at >>> org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1090) >>> at >>> org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) >>> at >>> org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:109) >>> at >>> org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:119) >>> at org.eclipse.jetty.server.Server.handle(Server.java:517) >>> at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:308) >>> at >>> org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:242) >>> at >>> org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:261) >>> at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95) >>> at >>> org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:75) >>> at >>> org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceAndRun(ExecuteProduceConsume.java:213) >>> at >>> org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:147) >>> at >>> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:654) >>> at >>> org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:572) >>> at java.lang.Thread.run(Thread.java:745) >>> >>> Tracing the Myfaces code suggests that the previously saved >>> SerializedViewCollection object in the servlet session, somehow, has gone >>> missing during an attempt to restore the login view. >>> >>> Any comment, answer, and/or pointer is very much appreciated. >>> >>> Cheers, >>> >>> >>> >>> >>> >>> >>> >>> >>> >> >
