Large File Downloads with JBoss Seam 2 and Servlets

Today I worked an an issue which presented users of our application a 403 error page when downloading large files which were generated on the fly. The files were delivered by a servlet and the files were directly copied to the ServletOutputStream, so the files were streamed instead of holding them in memory.

After some debugging it turned out, that the files were not streamed since the Seam Ajax4JSF Filter doesn’t allow to stream files and this resulted in OutOfMemoryExceptions. There are a few ways how to disable or extend the Ajax4JSF Filter (see this Seam Forum Thread).

Since all our download resources are mapped to servlets which resides in the „/media/*“ path, it was pretty easy to just enable the Ajax4JSF Filter for all paths except the „/media/*“ paths. To achieve this, just add to your components.xml:

<web:ajax4jsf-filter regex-url-pattern="^(?:[^/]|/(?!media/))*$"/>

Set Context Root for a JavaEE 6 Application with JBoss 7.1

Per default, a Web Application which is packaged as a WAR file is mapped to „http://jbossurl:port/war_file_name“ when deployed to JBoss AS 7.1. We wanted the application to be mapped to the root context instead of the file name. It turns out, that this is pretty easy to achieve:

  1. Edit standalone.xml in the JBoss configuration directory. Edit the relevant part of the file like this:
    <subsystem xmlns="urn:jboss:domain:web:1.0" default-virtual-server="default-host">
        <connector name="http" protocol="HTTP/1.1" socket-binding="http" scheme="http"/>
        <virtual-server name="default-host" enable-welcome-root="false">

    The important part is the enable-welcome-root=“false“.

  2. Create a file „jboss-web.xml“ in the WEB-INF folder of your application.
  3. Add the following to the file:

    <?xml version="1.0" encoding="UTF-8"?>

Now your Application will be mapped to the context-root of the Application Server and should be accessible with „http://jbossurl:port“.

Programatically Login User with Seam 2 Security Framework

This is a quick one:

When you want to login a user programmatically without checking if the credentials are right or the user is in the IdentityStore with Seam 2, that is pretty easy.

final Principal principal = new SimplePrincipal("username");

This will override the Seam 2 Security Framework authentication mechanism and a user with the given username will be logged in, even if the user is not in the IdentityStore of the Application.

I use this regularly when I have some sort of administration interface where I cannot use the default IdentityStore of the application. In this case I provide an own implementation of the required authentication mechanism and just log in the the user with the approach described above. When doing this I add a role to the logged in user (via identity.addRole("myRole")), so I can use all the Seam goodies like the Authorization Annotations (@Restrict) or checks like Identity.loggedIn.

Different ways to redirect with JSF and Seam

This is just a quick reminder for myself how to implement programmatic redirects with JBoss Seam and JSF.

I will describe three different techniques:

  • Redirecting to a 404 Error Page from a JSF Backing Bean
  • Redirecting to an external Website
  • Redirecting to a JSF view in a Seam Application