JSF SessionScoped managed bean - injection of spring bean is null after restarting server

Question

In a JSF 2 application, which is developed on tomcat, I have the following SessionScoped managed bean:

@ManagedBean(name = "loginBean")
@SessionScoped
public class LoginBean implements Serializable {

    private static final long serialVersionUID = 1L;

    private String login;
    private String password;

    @ManagedProperty(value = "#{authenticationService}")
    transient private AuthenticationService authenticationService;

    public String login() {

        boolean success = authenticationService.login(login, password); // after restarting tomcat, authenticationService is null here!

        //........
    }
}

authenticationService is a spring's @Service:

@Service("authenticationService")
public class AuthenticationServiceImpl implements AuthenticationService, Serializable {

    private static final long serialVersionUID = 1L;

    //....
}

Also, I've defined the session to be saved on the client side:

<context-param>
    <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
    <param-value>client</param-value>
</context-param>

THE PROBLEM:

the LoginBean works fine when I start tomcat first time in the morning. But if I then restart tomcat and immediately try to access LoginBean.login() , I am getting a NullPointerException on authenticationService .

I have defined authenticationService to be transient so that it won't be saved to the session. But when restarting tomcat, it is not injected again with the refrence to the spring bean authenticationService .

Questions:

1. Why is it not re-injected during start up?
2. Why did defining authenticationService as transient not signal JSF to re-inject authenticationService ?
3. Is the problem affected by setting javax.faces.STATE_SAVING_METHOD as client ?
4. How can I solve this problem? If your solution is affected by the value of javax.faces.STATE_SAVING_METHOD , please explain how.

Answer 1

This is most likely due to session serialization done by tomcat. It is trying to restore your serialized session but won't inject authenticationService. You can safely disable this feature, it is seldom of any use. To disable it, look up tomcat's conf/context.xml and uncomment section described as responsible for session persistence management.