Eduardo Garcia created TOMAHAWK-1672: ----------------------------------------
Summary: Wrong SessionKey name in session Key: TOMAHAWK-1672 URL: https://issues.apache.org/jira/browse/TOMAHAWK-1672 Project: MyFaces Tomahawk Issue Type: Bug Components: Captcha Affects Versions: 1.1.15-SNAPSHOT Environment: JRE 1.6, JRE 1.7, MyFaces 2.1, Tomcat 7 Reporter: Eduardo Garcia When using this component and try to validate the Captcha sessionkeyname against an input String (using the example approach), I found that the SessionKeyName value is null. But what is really happening is that the SessionKeyName varname is wrong. For example, insted of been "captchaSessionKeyName", when I list my session vars, it shows "captchaSessionKeyName_mySessionKeyName" (name appended twice or more). A work around for this while get patched, in order to get the session key name could be: public final static String SESSION_KEY_NAME = "mySessionKeyName"; HttpSession httpsession = (HttpSession) FacesContext.getCurrentInstance().getExternalContext().getSession(true); Enumeration<String> keys = httpsession.getAttributeNames(); String captchaValue = null; while (keys.hasMoreElements()) { String key = (String)keys.nextElement(); if(key.contains(SESSION_KEY_NAME)) captchaValue = (String) httpsession.getAttribute(key); } if (captchaValue.equalsIgnoreCase(value)) { //... your validations here... } -- This message was sent by Atlassian JIRA (v6.1.5#6160)