ViewExpiredException immediately after logging

Question

I read that it is a problem of expired session, but in my case it's impossible because the session was just opened when the exception is thrown: I get to login page, fill up form and submit. After that I get ViewExpiredException. What can I do to resolve the problem?

This is my web.xml:

<?xml version="1.0" encoding="UTF-8"?>
<web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">
<context-param>
    <param-name>javax.faces.PROJECT_STAGE</param-name>
    <param-value>Development</param-value>

    <param-name>org.apache.myfaces.SERIALIZE_STATE_IN_SESSION</param-name>
    <param-value>false</param-value>

    <param-name>com.sun.faces.numberOfLogicalViews</param-name>
    <param-value>100</param-value>

</context-param>
<listener>
    <listener-class>org.apache.myfaces.webapp.StartupServletContextListener</listener-class>
</listener>

<servlet>
    <servlet-name>Faces Servlet</servlet-name>
    <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
    <load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
    <servlet-name>Faces Servlet</servlet-name>
    <url-pattern>*.xhtml</url-pattern>
</servlet-mapping>
<session-config>
    <session-timeout>
        30
    </session-timeout>
</session-config>
<welcome-file-list>
    <welcome-file>pages/login.xhtml</welcome-file>
</welcome-file-list>

<security-constraint>
    <display-name>Admin</display-name>
    <web-resource-collection>
        <web-resource-name>Admin</web-resource-name>
        <url-pattern>/pages/admin/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>admin</role-name>
    </auth-constraint>
</security-constraint>
<security-constraint>
    <display-name>User</display-name>
    <web-resource-collection>
        <web-resource-name>User</web-resource-name>
        <url-pattern>/pages/user/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>user</role-name>
    </auth-constraint>
</security-constraint>

<security-role>
    <role-name>admin</role-name>
</security-role>
<security-role>
    <description/>
    <role-name>user</role-name>
</security-role>

<login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
        <form-login-page>/pages/login.xhtml</form-login-page>
        <form-error-page>/pages/errorLogin.xhtml?faces-redirect=true</form-error-page>
    </form-login-config>
</login-config>
<error-page>
    <error-code>403</error-code>
    <location>/pages/errorLogin.xhtml</location>
</error-page>
<error-page>
    <error-code>500</error-code>
    <location>/pages/sessionExpired.xhtml</location>
</error-page>   
<error-page>
    <exception-type>javax.faces.application.ViewExpiredException</exception-type>
    <location>/pages/sessionExpired.xhtml</location>
</error-page>

Do you have any configuration in your faces-config file related to the maximum size of current views? — Luiggi Mendoza, May 18 '14 at 18:31
@LuiggiMendoza in faces-config.xml I have only locale-config tag to locale message configuration — kuba44, May 18 '14 at 23:10

Eduardo Briguenti Vieira · Answer 1 · 2014-06-16T00:34:35.947

Try to use the STATE_SAVING_METHOD to client in your web.xml.

<context-param>
   <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
   <param-value>client</param-value>
</context-param>

If you want to stick with the server mode try to increase your views:

<context-param>  
        <param-name>org.apache.myfaces.NUMBER_OF_VIEWS_IN_SESSION</param-name>  
        <param-value>40</param-value>  
        <description>Only applicable if state saving method is "server" (= default).  
                     Defines the amount (default = 20) of the latest views are stored in session.  
        </description>  
</context-param>

ViewExpiredException immediately after logging

1 Answers1