How to access a @Named bean in PhaseListener?

Question

We are using JBoss 7.1, MySQL/PostgreSQL DB, JSF 2.0 with CDI beans.

I have to implement authentification based on DB by login and password. We have a managment (administration) portal. When the client opens a restricted page without being logged in, it should redirect the request to login.* page if the client is not logged in.

I have tried to do that by using a PhaseListener. I can Login and Logout, but when I try to open some another page I ran into a problem: I cannot get @Named("user") public class UserManager bean inside the PhaseListener class. I tried to get it by using FacesContext, & EL..., that all did not help me.

The UserManager validates the login and stores the logged in user as current property. On every request, I want to check in the PhaseListener if #{user.current} is not null. But I can't get the #{user} bean in the PhaseListener.

How can I get a @Named bean in beforePhase() or afterPhase()?

---

Update: here is my attempt so far:

private boolean loggedIn( FacesContext context ) throws IOException, ServletException
{
    LOGSTORE.debug( "loggedIn().2 " );

    HttpServletRequest request = (HttpServletRequest) context.getExternalContext().getRequest();
    HttpServletResponse response = (HttpServletResponse) context.getExternalContext().getResponse();

//  ELContext elContext = FacesContext.getCurrentInstance().getELContext();
//  UserManager userManager = (UserManager) FacesContext.getCurrentInstance().getApplication()
//      .getELResolver().getValue( elContext, null, "user" );

    HttpSession session = (HttpSession) context.getExternalContext().getSession( true );
    UserManager userManager = (UserManager) session.getAttribute( "user" );

//  UserManager userManager = (UserManager) FacesContext.getCurrentInstance().getExternalContext().getSessionMap().get( "user" );

    if (!StringUtils.contains( ((HttpServletRequest) context.getExternalContext().getRequest())
        .getRequestURL().toString(), URL_SESSION_EXPIRED ))
    {

        if (userManager == null || !userManager.isLoggedIn())
        {
            LOGSTORE.debug( " userManager is " + (userManager == null ? "" : "not ") + " null" );
            if (userManager != null)
            {
                LOGSTORE.debug( " userManager.isLoggedIn() is "
                    + (userManager.isLoggedIn() ? "TRUE" : "FALSE") );
            }
            LOGSTORE.debug( " doPhaseFilter() - START REDIRECT " );
            response.sendRedirect( request.getContextPath() + "/" + homepage + "?auth-failed" );
        }
        return false;

    } else
    {
        LOGSTORE.debug( "loggedIn().3 it is " + homepage );
        return true;
    }
}

Answer 1

A session scoped CDI managed bean is not stored in the HTTP session the same way as a normal session scoped JSF managed bean. A session scoped JSF managed is indeed stored in the session by the bean name as key. A session scoped CDI managed bean is however abstracted further away through another map in the session scope.

You need to get it by evaluating EL programmatically instead of grabbing it from the session map. Your EL resolver attempt has one mistake, the value does not contain any #{} expression.

ELContext elContext = FacesContext.getCurrentInstance().getELContext();
UserManager userManager = (UserManager) FacesContext.getCurrentInstance().getApplication()
    .getELResolver().getValue(elContext, null, "user");

Fix it accordingly:

ELContext elContext = FacesContext.getCurrentInstance().getELContext();
UserManager userManager = (UserManager) FacesContext.getCurrentInstance().getApplication()
    .getELResolver().getValue(elContext, null, "#{user}");

By the way, a shorthand for the above is the Application#evaluateExpressionGet():

UserManager userManager = context.getApplication()
    .evaluateExpressionGet(context, "#{user}", UserManager.class);

Note that you've the FacesContext context also already there as method argument.

Answer 2

Hopefully this is fixed in the next version of JSF which has real CDI integration for this stuff. What you will need to do (and maintain portability) is to lookup the BeanManager via JNDI, then get the named bean from the BeanManager.

Answer 3

I use the following code to get a reference to the CDI beans from inside the PhaseListener.

public BeanManager getBeanManager() {
    BeanManager beanManager = null;
    try {
        InitialContext initialContext = new InitialContext();
        beanManager = (BeanManager) initialContext.lookup("java:comp/BeanManager");
    } catch (NamingException e) {
        logger.log(Level.SEVERE, "Couldn't get BeanManager through JNDI", e);
    }
    return beanManager;
}

public <T> T getBean(final Class<T> clazz) {
    BeanManager bm = getBeanManager();
    Bean<T> bean = (Bean<T>) bm.getBeans(clazz).iterator().next();
    CreationalContext<T> ctx = bm.createCreationalContext(bean);
    return (T) bm.getReference(bean, clazz, ctx);
}

So to get the bean you would call it like the following.

DataManager dataManager = getBean(DataManager.class);

The bean in this case is a @Dependent bean which is being used in the PhaseListener.

Answer 4

Another posibility would be to use Seam Faces. It is a portable CDI extension and allows you to observe faces events.