where to put filter like logic in JSF2

Question

I am currently banging my head where to put a common logic for some authorization stuff in my Java EE 6/JSF 2 webapp: I have the requirement, that all requests that come with a specific cookie should be redirected to another page.

I considered 3 solutions:

1) use a servlet 3.0 filter (@WebFilter) this worked, i also could inject my managed beans there, but the managed beans require access to the faces externalContext, which at filter invocation time has not yet been set up, so i got NPE's calling the managed beans

2) use a phase listener this feels awkward, because a phase listener cannot be a CDI component and so cannot inject other components (except via el-evaluation); a phaseListener for me feels to technical to put navigation logic into it.

3) in Seam 2.0 i could used "page actions" for things like this, but it seems that this concept didn't make it into JSF 2.0

in seam this looked like:

<page view-id="/admin/*.jsf">
    <action execute="#{authenticator.checkAccess()}" />
</page>

Is it really, that JSF 2.0 does not have a concept to execute "controller logic" before rendering a page?

Answer 1

In JSF 2.x you can listen to page events like that:

<f:metadata>
   <f:event type="javax.faces.event.PreRenderViewEvent" listener="#authenticator.checkAccess()}" />
</f:metadata>

That is more or less equivalent to Seam 2 page action (you will have to filter out postbacks though). You can further enhance the default behavior with CDI-extensions like Seam Faces. Probably it's a good idea if you have a look at the documentation and see what fits your needs...