JSF returns blank/unparsed page with plain/raw XHTML/XML/EL source instead of rendered HTML output

后端 未结 1 1143
情深已故
情深已故 2020-11-21 04:14

I have some Facelets files like below.

WebContent
 |-- index.xhtml
 |-- register.xhtml
 |-- templates
 |    |--userForm.xhtml
 |    `--banner.xhtml
 :

相关标签:
1条回答
  • 2020-11-21 04:49

    There are three main causes.

    1. FacesServlet is not invoked.
    2. XML namespace URIs are missing or wrong.
    3. Multiple JSF implemenations have been loaded.

    1. Make sure that URL matches FacesServlet mapping

    The URL of the link (the URL as you see in browser's address bar) has to match the <url-pattern> of the FacesServlet as definied in web.xml in order to get all the JSF works to run. The FacesServlet is the one responsible for parsing the XHTML file, collecting submitted form values, performing conversion/validation, updating models, invoking actions and generating HTML output. If you don't invoke the FacesServlet by URL, then all you would get (and see via rightclick, View Source in browser) is indeed the raw XHTML source code.

    If the <url-pattern> is for example *.jsf, then the link should point to /register.jsf and not /register.xhtml. If it's for example /faces/*, like you have, then the link should point to /faces/register.xhtml and not /register.xhtml. One way to avoid this confusion is to just change the <url-pattern> from /faces/* to *.xhtml. The below is thus the ideal mapping:

    <servlet>
        <servlet-name>facesServlet</servlet-name>
        <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
    </servlet>
    <servlet-mapping>
        <servlet-name>facesServlet</servlet-name>
        <url-pattern>*.xhtml</url-pattern>
    </servlet-mapping>
    

    If you can't change the <url-pattern> to *.xhtml for some reason, then you probably would also like to prevent endusers from directly accessing XHTML source code files by URL. In that case you can add a <security-constraint> on the <url-pattern> of *.xhtml with an empty <auth-constraint> in web.xml which prevents that:

    <security-constraint>
        <display-name>Restrict direct access to XHTML files</display-name>
        <web-resource-collection>
            <web-resource-name>XHTML files</web-resource-name>
            <url-pattern>*.xhtml</url-pattern>
        </web-resource-collection>
        <auth-constraint />
    </security-constraint> 
    

    JSF 2.3 which was introduced April 2017 has already solved all of above by automatically registering the FacesServlet on an URL pattern of *.xhtml during webapp's startup. The alternative is thus to simply upgrade to latest available JSF version which should be JSF 2.3 or higher. But ideally you should still explicitly register the FacesServlet on only one URL pattern of *.xhtml because having multiple possible URLs for exactly the same resource like /register.xhtml, /register.jsf, /register.faces and /faces/register.xhtml is bad for SEO.

    See also:

    • Set default home page via <welcome-file> in JSF project
    • Opening Facelets page errors with "This XML file does not appear to have any style information associated with it."
    • Sometimes I see JSF URL is *.jsf, sometimes *.xhtml and sometimes /faces/*. Why?
    • JavaServer Faces 2.2 and HTML5 support, why is XHTML still being used
    • Which XHTML files do I need to put in /WEB-INF and which not?
    • Our servlets wiki - to learn the mandatory basics about servlets

    2. Make sure that XML namespaces match JSF version

    Since introduction of JSF 2.2, another probable cause is that XML namespaces don't match the JSF version. The xmlns.jcp.org like below is new since JSF 2.2 and does not work in older JSF versions. The symptoms are almost the same as if the FacesServlet is not invoked.

    <html lang="en"
        xmlns="http://www.w3.org/1999/xhtml"
        xmlns:f="http://xmlns.jcp.org/jsf/core"
        xmlns:h="http://xmlns.jcp.org/jsf/html"
        xmlns:ui="http://xmlns.jcp.org/jsf/facelets">
    

    If you can't upgrade to JSF 2.2 or higher, then you need to use the old java.sun.com XML namespaces instead:

    <html lang="en"
        xmlns="http://www.w3.org/1999/xhtml"
        xmlns:f="http://java.sun.com/jsf/core"
        xmlns:h="http://java.sun.com/jsf/html"
        xmlns:ui="http://java.sun.com/jsf/facelets">
    

    But ideally you should always use the latest version where available.

    See also:

    • Which XML namespace to use with JSF 2.2 and up
    • JSF tags not executed
    • Warning: This page calls for XML namespace http://xmlns.jcp.org/jsf/XXX declared with prefix XXX but no taglibrary exists for that namespace

    3. Multiple JSF implementations have been loaded

    One more probable cause is that multiple JSF implementations have been loaded by your webapp, conflicting and corrupting each other. For example, when your webapp's runtime classpath is polluted with multiple different versioned JSF libraries, or in the specific Mojarra 2.x + Tomcat 8.x combination, when there's an unnecessary ConfigureListener entry in webapp's web.xml causing it to be loaded twice.

    <!-- You MUST remove this one from web.xml! -->
    <!-- This is actually a workaround for buggy GlassFish3 and Jetty servers. -->
    <!-- When leaving this in and you're targeting Tomcat, you'll run into trouble. -->
    <listener>
        <listener-class>com.sun.faces.config.ConfigureListener</listener-class>
    </listener>
    

    When using Maven, make absolutely sure that you declare the dependencies the right way and that you understand dependency scopes. Importantingly, do not bundle dependencies in webapp when those are already provided by the target server.

    See also:

    • Configuration of com.sun.faces.config.ConfigureListener
    • How to properly install and configure JSF libraries via Maven?

    Make sure that you learn JSF the right way

    JSF has a very steep learning curve for those unfamiliar with basic HTTP, HTML and Servlets. There are a lot of low quality resources on the Internet. Please ignore code snippet scraping sites maintained by amateurs with primary focus on advertisement income instead of on teaching, such as roseindia, tutorialspoint, javabeat, etc. They are easily recognizable by disturbing advertising links/banners. Also please ignore resources dealing with jurassic JSF 1.x. They are easily recognizable by using JSP files instead of XHTML files. JSP as view technology was deprecated since JSF 2.0 at 2009 already.

    To get started the right way, start at our JSF wiki page and order an authoritative book.

    See also:

    • Java EE web development, where do I start and what skills do I need?
    • What is the need of JSF, when UI can be achieved with JavaScript libraries such as jQuery and AngularJS
    0 讨论(0)
提交回复
热议问题