Hallo again, I've just noticed that when this behavior is observed the session associated with the HTTPServletRequest is null. Somehow Tomcat cannot create a session object for the request (normally a StandardSession object is associated with the request). IMHO CDI shouldn't inject an object instance from some other session if the session of the request is null.
On 30.01.2013, at 17:39, "todor.dimitrov" <[email protected]> wrote: > Hallo, > > I have a weird problem when injecting a bean inside a servlet filter, which > is produced by a method of a session-scoped bean: > > Filter: > > public class AuthenticationFilter implements Filter { > > @Inject > @LoggedIn > private Instance<User> loggedInUser; > > public void doFilter(ServletRequest request, ServletResponse response, > FilterChain chain) throws IOException, ServletException > { > > final User user = loggedInUser.get(); > if (user != null) { > // proceed ... > } else { > // redirect to login ... > } > } > > ... > } > > Session-scoped bean with producer method: > > @Named > @SessionScoped > public class Login implements Serializable { > > private User currentUser; > > public String login() { > currentUser = loadUserFromDB(...); > } > > public String logout() { > currentUser = null; > } > > @Produces > @LoggedIn > public User getLoggedInUser() { > return currentUser; > } > } > > Qualifier: > > @Target({ ElementType.FIELD, ElementType.METHOD }) > @Qualifier > @Retention(RetentionPolicy.RUNTIME) > public @interface LoggedIn { > } > > Sometimes the filter incorrectly retrieves the user instance from some other > active session. This happens, however, only the first time the page is > requested by the browser. On subsequent page reloads, the filter recognises > that the user is not logged in. It should be noted that the JSF > implementation (MyFaces) ALWAYS uses the correct instance of the > session-scoped bean. I've tried to inject the Login bean instead of the User > object but the result is the same. > > Do you have any clues to why I might be experiencing such a behavior? > > > Thanks in advance, > > Todor
