I'm testing a simple log in with httpsession, so after i authenticate the user i add a user attribute to the http session :
@ManagedBean
@SessionScoped
public class loginView {
....
public String connect() {
FacesContext context = FacesContext.getCurrentInstance();
if (authenticated) {
context.getExternalContext().getSessionMap().put("user", login);
return "/home/NewFile?faces-redirect=true";
} else {
context.addMessage(null, new FacesMessage("Unknown login, try again"));
login = "";
pwd = "";
return null;
}
}
}
When i call this function from the login view it redirects to NewFile.xhtml as it's supposed to do. And inside the said xhtml i display the "user" attribute using #{user}. So far everything is working fine but when i refresh the page (NewFile.xhtml) or when i redirect to another page and try to display "user" attribute i get null, is this behavior expected ? does refreshing or redirecting creates another httpsession ? or is it just deleting the attribute i added ?
After some research i succeeded in solving my problem, turns out it's just a stupid mistake of my part. so i thought i should leave the answer here instead of deleting the question. So here goes :
After some looking around I have found out that this had to do with the cookies, so i did track the HTTP traffic using chrome's F12 and and it was the server sending new cookies each time I refresh/navigate. And after some more searching and testing i've found out what was causing the session to invalidate, so i was calling a logout function (that invalidates the session) this way : <h:button outcome="view.logout()"/> turns out outcome executes the function before loading the page so i had to change it to <p:commandButton action="view.logout()"/>