Clever Geek Handbook

Clear h: messages after page refresh

I have a JSF login page (for Spring Security) and a global message displaying a message for invalid user login / password.

Here is my form:

<f:event listener="#{loginBean.updateMessages}" type="preRenderView"/>

<h:form prependId="false" >

    <h:outputLabel value="User Name:" for="username"/>
    <h:inputText id="username" required="true" value="#{loginBean.name}"/>
    <h:message id="usernMsg" for="username"/> <br/>

    <h:outputLabel value="Password:" for="password"/>
    <h:inputSecret id="password" value="#{loginBean.password}" required="true"/>
    <h:message id="passMsg" for="password"/><br/>

    <h:messages id="glbMsg" globalOnly="true"/><br/>

    <h:commandButton value="Submit" action="#{loginBean.doLogin}"/>

</h:form>

I update posts with updateMessages()

:

public void updateMessages() {
    Exception ex = (Exception) FacesContext.getCurrentInstance().getExternalContext().getSessionMap()
            .get(WebAttributes.AUTHENTICATION_EXCEPTION);

    if (ex != null) {
        FacesContext.getCurrentInstance().addMessage(null,
                new FacesMessage(FacesMessage.SEVERITY_ERROR, ex.getMessage(), ""));
        setUsername("");
        setPassword("");
    }
}

The problem is that the user enters the wrong credentials, the message is displayed, but when the user refreshes the login page (either by using a button F5

or by clicking the submit button while the text boxes are empty), the previous global message ( glbMsg

) value is not cleared.

I tried ajax render="..."

in submit button and didn't work.

+3


source to share


1 answer


Look back at the problem, now it's correct. You really don't want to clean up h:messages

. You really want to clear the exception (which caused h:messages

). It just redraws every time, because the exception doesn't occur null

every time.

Spring Security keeps last authentication as exception in session ... The way you got it is obvious:

Exception ex = (Exception) FacesContext.getCurrentInstance().getExternalContext()
    .getSessionMap().get(WebAttributes.AUTHENTICATION_EXCEPTION);


Unless you invalidate the session, or Spring Security deletes it itself, it will be stored there for the entire session. Since Spring Security doesn't seem to remove it, you have to do it yourself.

Exception ex = (Exception) FacesContext.getCurrentInstance().getExternalContext()
    .getSessionMap().remove(WebAttributes.AUTHENTICATION_EXCEPTION);
+3


source






More articles:


All Articles