4 Replies Latest reply: Feb 24, 2012 4:30 AM by Anthony O. RSS

    How does Seam 3 handles the “redirect to capture view” feature after login?

    Anthony O. Newbie



      I've just posted my question in stackoverflow, but perhaps there is a more active community here around Seam...


      Here is my use cases.

      I have a login page which is /public/login.xhtml. All my other pages are required to log-in before reaching them. They are in /pages/ directory.

      I want that :

      1. If my user access to http://host/myapp/pages/* it redirects him first to the login page, and then, to the URL he has firstly entered.
      2. If my user access to http://host/myapp/, it redirects him first to the login page, and then, to/pages/home.xhtml.
      3. If my user access to http://host/myapp/public/login.xhtml, it redirects him first to the login page, and then, to /pages/home.xhtml.
      4. If my user access to http://host/myapp/public/login.xhtml and is already logged in, it redirects to /pages/home.xhtml.

      What is working currently?

      With Seam 3 (v3.1.0.Final) and the Security + Faces module, my use case n°1 is automagically working with :

      public interface PagesConfig {
      static enum Pages {

      My problem is that I don't understand how Seam's working to do that redirection to the "capture view".

      With Seam 2, it was easy to understand, in components.xml we had

      <event type="org.jboss.seam.security.notLoggedIn">
      <action execute="#{redirect.captureCurrentView}" />
      <event type="org.jboss.seam.security.loginSuccessful">
      <action execute="#{redirect.returnToCapturedView}" />

      So we captured the events notLoggedIn and loginSuccessful to handle that with a redirectcomponent.

      In Seam 3, I didn't found that configuration : nothing seems to @Observes LoggedInEvent, and there is no Redirect class...

      The point n°2 is achieved with that /index.htm file :

      <meta http-equiv="Refresh" content="0; URL=pages/home.xhtml">

      But for my point n°3, I've tried solutions which don't fully work.

      First I tried that in login.xhtml :

      <s:viewAction action="#{loginAction.redirectToHome}" if="#{identity.loggedIn}" immediate="true" />

      And with or without onPostback="true", after I login, I'm still in the login page with that error message (twice) : "Unable to find matching navigation case with from-view-id «/public/login.xhtml» for action «#{identity.login}» with outcome «success».". It's only if I now re-access tohttp://host/myapp/public/login.xhtml that my viewAction redirects me to the home.

      I also tried that navigation-rule in faces-config.xml :


      <redirect />

      But then, my use case n°1 was disabled : every time I logged-in, I was redirected to the home.

      Finally, for my point n°4, the s:viewAction does the job.

      So does somebody knows the best practices in order to correctly handle those 4 use cases (which I think are common use cases), especially the point n°3?

        • 1. Re: How does Seam 3 handles the “redirect to capture view” feature after login?
          Jason Porter Master

          Hm, I'm not really sure what's going on here. We'd have to dig in a bit.

          • 2. Re: How does Seam 3 handles the “redirect to capture view” feature after login?
            Brian Leathem Master

            Use case No. - 1 SeamFaces stores the originally requested viewId in the user Session, then re-routes to that view after the successful login. It does this by intercepting the navigation from the Seam Security login button, and fires a PostLoginEvent with the data stored in the SessionMap.

            Use case No. 2 - nice solution with the redirect! You could also do this with a @UrlMapping in your ViewConfig.

            Use case No. 3 - Your viewAction solution should work, but I believe you are coming across SEAMFACES-179. There are a couple of solutions you can use:

            1) In your login method, you can manipulate the seesion map stored by the Seam Faces, as demonstrated in this gist -- (this solution courtesy of Cody Lerum)

            2) Use PrettyFaces to intercept the request for the login view, and rediret you if you are not logged in.

            • 3. Re: How does Seam 3 handles the “redirect to capture view” feature after login?
              Anthony O. Newbie

              Thank you for your reply, I'm trying to implement your 1) solution, but to do that, I must disable theLoginListener of Seam to use mine... and I don't manage to do it Here is what I'm facing now :



              By the way, I've added a comment to SEAMFACES-179.

              • 4. Re: How does Seam 3 handles the “redirect to capture view” feature after login?
                Anthony O. Newbie

                (this is a copy of my reply on stackoverflow)

                Finally here is what I did.

                <s:viewAction action="#{loginAction.redirectToHome}" immediate="true" />

                So I removed the if="#{identity.loggedIn}" in order to call my redirectToHome method which redirects to the /pages/home.xhtml.

                • If the user is already authenticated, then he is redirected to the home page.
                • If he's not, then it is redirected to the home page, which redirects him to the login page thanks to my @ViewConfig

                Here is the loginAction :

                public void redirectToHome() throws IOException {

                The problem I faced then was when I logged out.

                Here is my logout action :

                <h:commandLink  action="/public/login" actionListener="#{securityAction.logout()}" value="Disconnect" immediate="true" />

                And the securityAction.logout() method :

                public void logout() {
                if (!conversation.isTransient()) {

                The problem is that I was redirected to the login page (thanks to the @ViewConfig I think), but noPreLoginEvent were thrown, so the Seam LoginListener.observePreLoginEvent wasn't called, and so my previous URL wasn't put in session. So when I logged in (immediatly after logout), I was stuck on the login page, but was logged in.

                Thanks to Brian Leathem and he's previous answer, here is what I did : in my authenticate method of my BaseAuthenticator, I called that method after authentication :

                private void overrideRedirectToLogin() {
                final String PRE_LOGIN_URL = LoginListener.class.getName() + "_PRE_LOGIN_URL";
                final ExternalContext externalContext = FacesContext.getCurrentInstance().getExternalContext();
                final Map<String, Object> sessionMap = externalContext.getSessionMap();
                String redirectURL = (String) sessionMap.get(PRE_LOGIN_URL);

                if (redirectURL == null) {
                final HttpServletRequest request = (HttpServletRequest) externalContext.getRequest();
                = request.getRequestURL().toString();

                .put(PRE_LOGIN_URL, redirectURL.replace("/public/login.xhtml", "/pages/home.xhtml"));

                With that solution, my previous URL wasn't set in session, but at least, my user is redirected to the home page.