Search code examples
jsfprimefacesjbosswildfly

JSF1094 error happened when use Flash in cluster env

I am using primefaces 11 in a cluster env(alb + two wildfly 17 + distributable setting). when I use Flash to pass parameter from page1 to page2, I got the following error, and the parameters can no be passed.

 [javax.enterprise.resource.webcontainer.jsf.flash] (default task-29) JSF1094: Could not decode flash data from incoming cookie value Invalid characters in decrypted value.  Processing will continue, but the flash is unavailable for this request.

If I run it in only one server, the parameters can be passed normally.

  • set data
 Flash flash = FacesContext.getCurrentInstance().getExternalContext().getFlash();
 flash.put(REDIRECT_DATA_KEY, rData);
  • get data
 Flash flash = FacesContext.getCurrentInstance().getExternalContext().getFlash();
 return (RedirectData) flash.get(REDIRECT_DATA_KEY);

How I can solve it?

Solution

  • From Red Hat offical support:

    <?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd"
         version="4.0">
...
    <env-entry>
        <env-entry-name>jsf/FlashSecretKey</env-entry-name>
        <env-entry-type>java.lang.String</env-entry-type>
        <!-- http://www.digitalsanctuary.com/aes-key-generator.php -->
        <env-entry-value>Ya+MAlSDzgC3LAXgfEoPA/J6saEp7MtjjF0P6LP69nGk=</env-entry-value>
    </env-entry>

    <distributable/>
</web-app>

    jsf/FlashSecretKey is base64 encoded AES 256bit key which used for encrypting flash scope cookie like csfcfc=K8auYBA%3D;. The key can generate by the following code:

    import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;

public class Main {
    public static void main(String ... args) throws NoSuchAlgorithmException {
        KeyGenerator keyGen = KeyGenerator.getInstance("AES");
        keyGen.init(256); // key length is 256 byte
        SecretKey secretKey = keyGen.generateKey();
        System.out.println("key: " + Base64.getEncoder().encodeToString(secretKey.getEncoded()));
    }
}

    The flash cookie value Set-Cookie: csfcfc=K8auYBA%3D; is AES encrypted by default. If JNDI key java:comp/env/jsf/FlashSecretKey is not set, Mojarra will try to create a random secret key that is used in AES encryption for the flash cookie value.

    In case of cluster environment, that behavior will cause each clustered EAP instance has a different secret key. As a result, Mojarra is unable to restore clustered flash cookie value with the following error message:

    20:09:40,317 SEVERE [javax.enterprise.resource.webcontainer.jsf.flash] (default task-1) 
JSF1094: Could not decode flash data from incoming cookie value Invalid characters in decrypted value.  Processing will continue, but the flash is unavailable for this request.