session-scoped managed bean appears to be not session scoped in an xpages application

3
votes

I'd wrote a session scoped managed bean to cache the sesion user specific info in a domino xpages application,just like the following codes:

    public class NBUserInfo {
    private String fullUserName;
    private String commonUserName;
    private String displayName;
    private String mailAddress;
    private String themeType;
    private String themeData;

    private Session _session;
    private Database _dbnames;
    private Name _dominoName;

    public NBUserInfo(){
        System.out.println("初始化Managed Bean:NBUserInfo...");
        _session = ExtLibUtil.getCurrentSession();

        try {
            System.out.println(_session.getEffectiveUserName());
            _dbnames = _session.getDatabase(_session.getCurrentDatabase().getServer(), "names.nsf",false);
            _dominoName = _session.createName(_session.getEffectiveUserName());
        } catch (NotesException e) {
            // TODO 自动生成 catch 块
            e.printStackTrace();
        }

    }

    public String getFullUserName() {
        if(fullUserName==null)
            try {
                fullUserName = _dominoName.getCanonical();
            } catch (NotesException e) {
                // TODO 自动生成 catch 块
                e.printStackTrace();
            }
        return fullUserName;
    }

then, i declared it in the faces-config to make it a session scoped bean:

<?xml version="1.0" encoding="UTF-8"?>
<faces-config>
  <!--注册受管Beans-->
  <managed-bean>
    <managed-bean-name>NBUser</managed-bean-name>
    <managed-bean-class>com.nbhdtech.common.NBUserInfo</managed-bean-class>
    <managed-bean-scope>session</managed-bean-scope>
  </managed-bean>
  <!--注册自定义XPAGES根渲染器-->
  <render-kit>
    <renderer>
      <component-family>javax.faces.ViewRoot</component-family>
      <renderer-type>com.ibm.xsp.ViewRootEx</renderer-type>
      <renderer-class>com.nbhdtech.xsp.CustomViewRootRenderer</renderer-class>
    </renderer>
  </render-kit>
  <!--AUTOGEN-START-BUILDER:由 IBM Domino Designer 自动生成。请勿修改。-->
  <!--AUTOGEN-END-BUILDER:自动生成的区段的末尾-->
</faces-config>

when testing the bean , I used it through #{NBUser.fullUserName}, it does not always return the user of the current domino http session context,for examples, I get logged in first by user "user1" and logged off,then logged in by user2, the bean seems to not recreated for the new user2 session,just still user1's session info .

is there some work around about this? my domino have been configed to LTPAToken SSO config. thanks a lot if any answers about it

1
xpagesmanaged-bean
The sessionScope in XPages is linked to the browser session, not the (logged in) user session. So if you logout, keep the browser open and log in again, the sessionScope is persisted. More information here: intec.co.uk/sessions-logout-sessionscope-and-userscopeMark Leusink

1 Answers

2
votes

As Mark Leusink mentions, sessionScope in XPages is linked to the browser session and not the (logged in) user session.

So you need a way to check if the current user matches the user tied to your user bean. One way to do this is to call a "verify" method in your user bean on each request. The "verify" method could look like this:

public void verify() {
    // retrieve the username of the current user
    String currentUser = ExtLibUtil.getCurrentSession().getEffectiveUserName();

    // (re-)init the user bean if another user logged in
    if (!currentUser.equals(getFullUserName())) {
        // Call your constructor logic here
    }
}

You can call this "verify" method in the beforePageLoadevent of one of your central custom controls (such as a custom control for your layout):

<xp:this.beforePageLoad><![CDATA[#{javascript:
    // (re-)init the userbean if another user logged in
    NBUser.verify();
}]]></xp:this.beforePageLoad>

--

Also, you should not store Domino specific objects in a bean.