Hallo,
I have a weird problem when injecting a bean inside a servlet filter, which is
produced by a method of a session-scoped bean:
Filter:
public class AuthenticationFilter implements Filter {
@Inject
@LoggedIn
private Instance<User> loggedInUser;
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException, ServletException
{
final User user = loggedInUser.get();
if (user != null) {
// proceed ...
} else {
// redirect to login ...
}
}
...
}
Session-scoped bean with producer method:
@Named
@SessionScoped
public class Login implements Serializable {
private User currentUser;
public String login() {
currentUser = loadUserFromDB(...);
}
public String logout() {
currentUser = null;
}
@Produces
@LoggedIn
public User getLoggedInUser() {
return currentUser;
}
}
Qualifier:
@Target({ ElementType.FIELD, ElementType.METHOD })
@Qualifier
@Retention(RetentionPolicy.RUNTIME)
public @interface LoggedIn {
}
Sometimes the filter incorrectly retrieves the user instance from some other
active session. This happens, however, only the first time the page is
requested by the browser. On subsequent page reloads, the filter recognises
that the user is not logged in. It should be noted that the JSF implementation
(MyFaces) ALWAYS uses the correct instance of the session-scoped bean. I've
tried to inject the Login bean instead of the User object but the result is the
same.
Do you have any clues to why I might be experiencing such a behavior?
Thanks in advance,
Todor
