Frequently Asked Questions about Mojarra (Oracle's JSF implementation)

This Wiki page is for questions about Mojarra (Oracle's JSF implementation). General FAQs about the JSF Specification are covered in The FAQ for the JSF Specification.

Table of Contents:

Working with the source code

How do I access the source tree via version control?

Access to the source code for Oracle's implementation of the JCP JSF Specification is subject to the terms of either the GNU
General Public License Version 2 only ("GPL") or the Common Development
and Distribution License("CDDL") (collectively, the "License"). You
may not use this file except in compliance with the License. You can obtain
a copy of the License at here.

Refer to the version control instructions for details on configuring your client.

If you don't have a ID, you can check out the source anonymously by using the guest account.

The version control instructions also contains information pertaining
to branch names which will be important depending on which version of JSF you're interested in working with.

What are the tags for the current releases of Mojarra?

Do I need to download any dependencies before I attempt to build the source?

No, though we don't use Maven, we do have a system in place to download all the necessary dependencies
you will need in order to build and test the implementation.

How do I build the Mojarra sources?

Assuming SOURCE_HOME is the directory containing the javaserverfaces-sources...

  1. Copy to
  2. Edit and set to SOURCE_HOME
  3. From SOURCE_HOME run ant clean main - this will build the API as well as the implementation

Note: The first time you build you should use ant main clean main. After that use ant clean main as mentioned above.

The jsf-api.jar will be in SOURCE_HOME/jsf-api/build/lib and jsf-impl.jar will be in SOURCE_HOME/jsf-ri/build/lib.

How do I run the automated tests?

There are two major sets of tests in the source tree. One set for the API, and the other
set for the implementation. All of them can be run by invoking a single ant command from the root source directory: ant test.with.container.refresh. This target will cause the JSF API and implementation to be deployed to the GlassFish server
that is downloaded as part of the build process and run the tests after the server has finished starting up.

Ed Burns wrote a blog entry about the tests.  See <>.

How can I contribute?

Please note the following:

  • Your feedback is valuable to us, so join our mailing lists and give input.
  • Bug reports are very helpful to developers and a great way to contribute to the project. Use the issue tracker to report a bug. Please be sure to include as much information with your report as possible such as a test case, your platform, version number and steps to reproduce the problem.
  • If you like to propose a new feature, file an enhancement issue for it.
  • You are welcome to submit a patch for a feature you'd like to see or a bug you'd like to get fixed. All contributors must complete the Oracle Contributor Agreement form before contributions can be included in the project. Print, complete, sign, scan and email the Oracle Contributor Agreement form to:

oracle-ca_us [at] oracle [dot] com

If you wish to fax the form, ask for the fax number by sending an email to the preceding address.

For more information on the OCA, see the FAQ.

Follow the instructions in How do I prepare a change bundle? for quick acceptance of your patch. If your patch doesn't include a test case, we would have to create or update an existing test for it which would delay the acceptance of your patch. If you are unable to do so, you can do the following:

The developer responsible for the section of code affected should either apply the patch and mark the issue FIXED; or add a comment with an objection if the patch does not seem safe, does not appear to fix the problem, or there is not really a problem to begin with. Developers must also confirm that the contributor has filled in and submitted a JCA before commiting their patch.

Notifications of any changes to Issue Tracking, as well as CVS checkins, are automatically sent to the appropriate bug and CVS mailing lists, so you can monitor if the patch has really been applied. Make sure you subscribe to at least the CVS and bug mailing lists for the module you are working on - see the mailing lists page for details.

How do we avoid svn error "svn: E155017: Checksum mismatch while updating..."

This error happens when svn merge is allowed to create directories.  If you are merging using svn and you see that files have been added as a result of the merge, DO NOT COMMIT. Instead, save aside the now files, svn revert them locally, replace the new files and then svn add them.

How do I create a Short Self-contained Correct (Compilable) Example for a bug report?

  • The first step in resolving a bug is to ensure the bug report has all the information necessary to reproduce the bug and as little other information as possible.  This usually means stripping out any third party libraries such as PrimeFaces, RichFaces, ICEfaces, etc.
  • Starting out with a high quality bug report is the best way to see that a bug is resolved.  Bug reports should be short, self contained, correct (compilable), examples of the problem to be resolved.  See <>.  If the bug report falls short of being an SSCCE, the Mojarra team will usually request help from the reporter to arrive at an SSCCE before starting on a fix.
  • A maven archetype is available to bootstrap the creation of an SSCCE. For JSF 2.1 use:
    mvn archetype:generate -DarchetypeGroupId=com.sun.faces \
     -DarchetypeArtifactId=faces-2.1-test-war-archetype \
     -DarchetypeVersion=0.1 \

For JSF 2.2 use

mvn archetype:generate -DarchetypeGroupId=com.sun.faces \
 -DarchetypeArtifactId=faces-2.2-test-war-archetype \
 -DarchetypeVersion=0.1 \

After answering the questions, add the necessary content to the webapp and build with the -Pfaces-test profile enabled.  If this profile is omitted, the project will not build.

How do we triage and assign bugs?

Bugs filed in the Mojarra Issue Tracker are triaged by the Mojarra team with the goal of maximizing the number of bugs resolved and minimizing the effort taken to resolve them.  The most important ingredient to achieve this goal is responsiveness: first on the part of the Mojarra team and second on the part of the reporter.

The Mojarra team will do its best to respond to all bugs within four weeks of filing, and to take some concrete action towards resolving the bug at least once every four weeks.

The remainder of this answer will describe the lifetime of a bug in two scenarios.

  1. The fully responsive reporter.
    1. Arrive at an SSCCE.  See the preceding question.
    2. Work on the bug begins in earnest
      1. Once an SSCCE for the bug is in hand, work on the fix can begin.  During    the bug fix, the Mojarra team may need more information to work toward a    resolution.  With a fully responsive reporter, this information is    provided within four weeks of its being requested by the Mojarra team.    As long as no more than four weeks go by without a response, the bug    will remain in the "fully responsive reporter" process.  In this case,    the Mojarra team works on the bug and makes regular progresses at least    once every four weeks.  Occasionally progress becomes blocked awaiting a    response from the reporter.  If four weeks go by without a response, the    bug will enter the "unresponsive reporter" process.
    3. Bug resolution
      1. Once the bug has been resolved, it is committed to the appropriate    source code lines and made available for the next release of Mojarra.
  2. The unresponsive reporter.
    1. Request for information
      1. If the Mojarra team requests more information on a bug report, such as to arrive at an SSCCE, or to ask if the bug still exists when tried with the latest available appropriate mojarra release, but the reporter does not respond to the request within four weeks, the bug will be de-prioritized one level from its existing priority.
        1. after four weeks of inactivity: Major is de-prioritized to Minor
        2. after eight weeks of inactivity: Minor is de-prioritized to Trivial
        3. In all cases, the "Major" JIRA priority is the maximim allowable    priority for bugs in the triage process.  The Mojarra team uses the    "Critical" and "Blocker" priorities to prioritize bugs on which work    has actively started.
        4. If a response is given by the reporter, the bug leaves the    "unresonsive reporter" process and returns to the "responsive    reporter" process.
    2. Bug resolution
      1. After twelve weeks of inactivity, the trivial issue is closed as    Incomplete.

What Fix Version/s do I set when I close an issue?

For work on the trunk, set the Fix Version/s to be the next milestone, such as 2.3.0-m02 and also the next release, such as 2.3.0.

How do I prepare a change bundle?

The JavaServer Faces team practices Test Driven Design. All code checked in must be accompanied by a new automated testcase that exercises that code, or changes to an existing automated testcase that exercises the code. When writing your code, you have the choice of whether a unit test or a system test would be more appropriate to verify the correctness of your code. Unit tests live in the jsf-ri/test directory, and system tests live in the jsf-ri/systest directory.

Please read this article, or other literature for an introduction to Test Driven Design.

  • As a general note, please turn off any auto-formatting in your IDE to keep your diffs to a minimum. Encountering lots of semantically meaningless changes in the version history of a file, mixed in with semantically meaningfull ones, is very confusing. If you must make formatting changes, do so in a separate change-bundle.
    BEFORE CHECKIN, each significant code change to the
    is described in a "change bundle" and sent to for review by module owners. If the change-bundle is to fix a bug, the change-bundle can be posted to the bug (either as an attachment or a comment) and a pointer to the bug can be sent to
    The change bundle should be sent in a way that is easiest for the reviewer to review. Examples of change-bundles can be found here.
    There is an ant target that generates a file "changebundle.txt" that can then be edited to give you something suitable to send via email and/or attach to an issue.
  • cd to the top level of your workarea where you have made the changes you want reviewed.
ant cb
  • If any files are to be svn added or removed, make sure svn knows that they should be added or removed appropriately.

Please refer to the issue "id" in the bundle and in the subject of your email.

  • The module owner reviews the change bundle
    • If the reviewer gives approval, you can check it in as is. Please follow the checkin process. Approval is signified by the reviewer replying to the change bundle mail with r=userid.

For example:

Looks good, r=edburns

    • If the reviewer requests revisions, you need to produce another change bundle and seek approval. Repeat until approval is given.

What is the code checkin procedure?

Once you have completed the review process, please follow this process to ensure a smooth checkin that doesn't break the tree.

  • cd to the top level of your workarea. Make sure everything still compiles and runs. This means you do the following on jsf-api as well as on jsf-ri. This will run all the unit tests on jsf-api and run all the unit tests and systest on jsf-ri.
    • ant
    • ant test
      on jsf-api/ and
      ant test
      on jsf-ri/
  • If the checkin contains non-documentation files, you cannot checkin until both the "ant" and the "ant test" commands have run successfully on your machine.
  • Make sure jsf-guessNumber, jsf-cardemo, jsf-components demos run successfully.
  • Run
    ant test
    on the jsf-demo/// directory. This will run the HTMLUnit automated tests on the demos.
  • Once you have run all the tests successfully, you are ready to commit. Run this command
cvs -n update -d -P
  • Examine the output. Most importantly, make sure that every file marked with a ? is not intended for check in. Doing this check ensures that your complete set of files will be checked in without omissions. If there are files marked with a ? that are intended for check in,
    cvs add
    them and go back to the beginning of this Process.
    If there are any files marked with a P or a U, you must update your tree before checking in. Do a top level
    cvs update -d -P

    and go to the top of this process.

  • Use the output from the previous step as the basis for your checkin message. Make sure you describe what has changed in each modified or added file.
  • It's time to commit. At this point you're certain that your workarea is completely up to date, all files intended for checkin are marked for checkin, and everything compiles and works. Try to issue the cvs commit command from the lowest possible directory that is a parent of all the directories in which the files have been changed or added. If you can avoid doing a toplevel commit, then please do so. Run the command
cvs commit

Type in your log message, or import it from a message file via cut and past or some such.

How do I become a committer?

Follow How can I contribute? and start contributing enough [#HowToBundle]solid patches] that get accepted into the codebase so that we can get a feel for the quality of your code. Contributors who give frequent and valuable contributions will be nominated for "developer" role if they desire. We would appreciate if commiters could abide by the code review and test driven development process we use.

If you think this process is too onerous, please send your comments to project owner.

How do I make sure that changes to the spec have the correct version changebar attributions?

This answer was taken from an email sent to one of the engineers working on Mojarra in response to a similar question.

There's another question that covers the css attributes that make the changebars in the generated
portions of the specification work.  Here we show how to use them.

The attributes are applied to three levels of documentation, and they all
need to be updated as the spec is edited.  For all levels, there are two
kinds of attributions.

"First Word" attributions.

This kind of attribution makes the first word of the level show the, "changed"
attribution.  It's called "first word" because only the first word is marked
to give the reader a quick notice that "something changed in this" section of
the spec, where section is spec section, package, class, etc.

"body text" attributions

This kind of attribution marks the whole of the changed section with the appropriate
attribution, "changed", "modified", or "deleted".

Level 1: jsf-api/src/main/resources/overview.html

Add "first word" attributions for all sections of the spec that changed within
a spec iteration.  For example, at this point in JSF 2.2, all spec sections
except for the JSP Taglibrary docs have been changed.  Therefore, the table
titled "The Java Server Faces Specification is composed of several documents:"
shows changed_modified_2_2 first word attributions for all those sections.

Level 2: package.html

Add "first word" attribution for each package that changed within a spec iteration.

Level 3: Compilation Unit level

Add "first word" attribution for each Class/Interface/TagHandler/Renderer/JavaScriptObject
that changed during a spec iteration.

Level 4: Leaf level

Add "first" word attribution on the individual method, etc, and also add
"body text" attribution.  This last bit is the really important part, because
all the other levels simply point to "body text" attributions.

Here is some example text.

 Finally, to let the developer know that ResourceHandler was modified
during JSF 2.1, make it so the very first word in the javadoc for the
class has the changed_modified_2_1 CSS attribute.  In the case of, this means adding the changed_modified_2_1 CSS
class to the value of the "class" attribute on the <strong> element that
wraps the word "ResourceHandler".

To see your change in action, note which class has the CSS changes you
expect then cd to jsf-api and do "ant javadocs".  Look at the build
output to see where the javadocs are generated.  Open up the top level
index.html file in a browser, navigate to the javadoc for the class that
has the changes, and verify that the color coding is correct as you

What files need to be modified to affect changes in the CSS for the generated portions of the specification.

Look at this log message when these changes were made for JSF 2.1.

Create CSS and images for 2.1 changebars.

M       jsf-tools/src/main/resources/com/sun/faces/generate/facesdoc/stylesheet.css
A       jsf-api/doc/changed_added_2_1.png
A       jsf-api/doc/changed_modified_2_1_cursor.cur
A       jsf-api/doc/changed_added_2_1_cursor.cur
A       jsf-api/doc/changed_deleted_2_1.png
A       jsf-api/doc/changed_deleted_2_1_cursor.cur
A       jsf-api/doc/changed_modified_2_1.png
M       jsf-api/src/main/resources/jsf-api.css
M       jsf-ri/conf/share/tlddoc-resources/stylesheet.css
M       jsf-api/doc/jsdoc-template/static/default.css

Note: the changebars that apply to the generated documentation for the XSD files are handled using CSS selectors in the jsf-api.css file.

Questions pertaining only to Oracle's implementation of the JSF specification

How can I turn on logging?

  • Learn which logger you want to turn on. If you look in
    you find some useful constants for logging. It lists every logger:

Other logger constants are (as of Mojarra 2.2.x on 2015-01-09):


If you want to turn on only the logger for render kit, for exmple, the logger is


  • If using Glassfish V2
    • Going on with the intent of turning on the logger for render kit, make a logging config file, for example "jsf-log-config", containing only this line:
    • Edit your domain.xml file:

Look for a

element, and add there a
. If you have put the "jsf-log-config" file in "domains/domain1/config/", for example, your jvm-options looks like this:

  • If using Glassfish V3 prelude or later, rather than creating a separate file and

domain.xml to point to it, modify the "" file, which is in the same
directory as the domain.xml file. Place entries in the file as you
would place them in the log-config file from the Glassfish V2 instructions.

  • Run the appserver. The messages will appear in the regular application server log.

How do I turn on logging in JDeveloper?

  • Run/debug your app in JDev
  • In the IntegratedWeblogicServer Log tab, select Actions -> Configure Oracle Diagnostic Logging
  • In the logging.xml tab, click the green plus icon and then "Add Persistent Logger..."
  • Specify "javax.enterprise.resource.webcontainer.jsf.config" for the name and INFO for the level.
  • Save changes.
  • Terminate Integrated WLS.
  • Re-run/debug your app.

The Mojarra version message is logged to the DefaultDomain/servers/DefaultServer/logs/DefaultServer.log under your system directory.

Note that for ADF applications, another way to determine the Mojarra version is to:

  • Ensure that JSF's project stage is something other than production - eg. set the javax.faces.PROJECT_STAGE context parameter to "Development".
  • Set the context parameter to "false"
    With this configuration, ADF writes out a comment at the bottom of each page rendered by ADF Faces.

The comment looks something like this:

<!--Created by Oracle ADF (ADF RichClient API - ASPEN (custom: / ADF RichClient Impl - ASPEN (custom: / ADF-Richclient-API{Implementation-Title=ADF
RichClient API,
Implementation-Version=ASPEN (custom:,
Specification-Vendor=${manifest.spec.vendor}, Support-String=ASPEN,
RCF-revision: 55207 (branch: 12-aspen-SNAPSHOT, plugins: 2.0.2),
Trinidad-revision: 1127 (branch: 2.1.1-SNAPSHOT, plugins: 2.0.9),
build: JDEVADF_MAIN_GENERIC_141113.1513.S, libNum: 4317,
Oracle-BuildTimestamp=2014-11-13 05:21:16 -0800,
Implementation-Vendor=Oracle Corporation, Oracle-BuildSystem=Linux -
java - 1.7.0_51-b13, Oracle-Internal-Release=,
Build-Jdk=1.7.0_51-b13, Specification-Title=ADF RichClient API,
Oracle-Builder=user=aime host=slc03tva, Specification-Version=ASPEN,
Build-By=aime} ADF-Controller{Oracle-BuildSystem=Linux - java -
1.7.0_51-b13, Oracle-Label-JDEVADF=JDEVADF_MAIN_GENERIC_141113.1513.S,
Oracle-Internal-Release=, Created-By=24.51-b03
(Oracle Corporation), Oracle-Builder=user=aime host=slc03tva,
Oracle-BuildTimestamp=2014-11-13 06:30:41 -0800}
ADF-Model{Oracle-BuildSystem=Linux - java - 1.7.0_51-b13,
Oracle-Internal-Release=, Created-By=24.51-b03
(Oracle Corporation), Oracle-Builder=user=aime host=slc03tva,
Oracle-BuildTimestamp=2014-11-13 05:26:05 -0800}
ADF-Share{Oracle-BuildSystem=Linux - java - 1.7.0_51-b13,
Oracle-Internal-Release=, Created-By=24.51-b03
(Oracle Corporation), Oracle-Builder=user=aime host=slc03tva,
Oracle-BuildTimestamp=2014-11-13 04:30:00 -0800} / powered by
JavaServer Faces - 2.2.8-02), accessibility (mode:null,
contrast:standard, size:medium), skin:skyros-v1.desktop (skyros)-->

This part is of interest:

powered by JavaServer Faces - 2.2.8-02

What is required to build JSF 1.2.x?

How do I build the code?

Make sure you have installed everything outlined in What is required to build JSF 1.1.x and JSF 1.2.x? and What is required to build JSF 1.2.x?. Make it so JDK and Ant are runnable from the command line. This involves setting up the environment per the Ant instructions.


  • If you are planning on running the unit tests, copy $JUNIT_HOME/junit.jar to your $ANT_HOME/lib directory.
  • Change directory to the location of the checked out source.
  • Copy
    and set the following properties:
    • - this must be set to the same directory of the checked out source
    • container.home - this is the base directory of your GlassFish installation. This property defaults to
      . Only override it if you wish to point to a different GlassFish installation (for testing purposes).
    • glassfish.password.file - this specifies the file containing the GlassFish administrative password. The property file details the contents of this file. This defaults to
      . The password in this file is the default of 'adminadmin'. Override this propery if you have a custom password for your GlassFish instance.

There are various other properties that can be toggled to modify the build/test behavior. Review the property file for details on the different properties.

  • Run ant. This will download the necessary dependencies and build the jsf-api and jsf-impl JARs. The jsf-api.jar will be located under jsf-api/build/lib and jsf-impl.jar will be located under jsf-ri/build/lib.
  • In order for GlassFish to take advantage of any changes you may make, run the container.deploy target (this can be run from or any subdirectory therein. This target will update the appropriate GlassFish artifacts. If you are using some other container, this target could still be used, but confirm with the container's docs. If you are not building from source but just want to override the JSF JARs in GlassFish, do the following:
    • Restart the server for the updates to take effect.
    • To build and deploy the JSF sample applications, change directory to jsf-demo directory. Run ant. This will build all the demos that ship with the JSF distribution namely guessNumber, cardemo, component and nonjsp.
    • To deploy the application to GlassFish, you have two options. You can copy the war file to container's autodeploy directory which is under (GLASSFISH.HOME/domains/domain1/autodeploy) or you can use the asadmin utility to deploy the war file.

How do I run the automated unit and system tests using Glassfish?

Get to the point where you can build the code by following the above steps. Set the required properties in

  • On the Mac OS X 10.4 Platform, you need to copy <code>$JAVA_HOME/lib/ext/sunjce_provider.jar</code> to glassfish.home/lib.
  • You will probably find it necessary to add -Xms512m -Xmx786m -XX:MaxPermSize=786m to your ANT_OPTS envinorment variable.
  • To run all tests, run ant test.with.container.refresh
  • To run the API tests, run ant test from jsf-api. This will run all API tests.
  • To run the RI tests:
    • If you have GlassFish running, stop the server. Run ant config.container. This performs the necessary configuration modifications. Restart the server.
    • Stop Glassfish, if it's currently running. Run ant container.deploy from the top directory. Restart Glassfish.
    • Run ant test from jsf-ri. This will run all unit tests.
  • For your information: There are four separate suites of tests run when ant test is invoked from jsf-ri and can be invoked using the following targets:
    • run.junit.test -> runs a small suite of standalone tests that do not require the container
    • run.cactus.test -> runs the cactus-based tests
    • run.systest -> runs the system tests (basically end-to-end tests simulating http clients)
    • run.systest-per-webapp -> similar to the systests above, but these tests are run in separate web applications to keep the environment clean.

If you encounter any problems running the unit tests, ensure that the target config.container was invoked. If the command was invoked, verify the following settings exist glassfish.home/domains/domain1/config/server.policy.

  • java.util.PropertyPermission set to "read,write" (not just "read")
  • permission java.lang.reflect.ReflectPermission "*";

Also, ensure the keepalive timeout is set to 70 seconds in glassfish.home/domains/domain1/config/domain.xml (search for keep-alive). These changes are necessary because some of the unit tests access system properties and access package private variables from jsf-impl in order to test some functionality. The keepalive change is necessary as one of the tests sleeps for a minute before continuing. Without this change, the test would fail due to the connection being reset.

How do I debug a JSF Application using Glassfish/NetBeans 4.1?

  • Start Glassfish in debug mode. To do this, edit
    . Look for java-config element. Set "debug-enabled" to "true". Restart the server.
  • Attach NetBeans debugger. Use the following values for Attach and click on "OK".
    • Debugger: JDPA Debugger
    • Connector: SocketAttach
    • Transport: dt_socket
    • Host: your host name
    • Port: 9009 (If you modified domain.xml to use a different port, use that port number)

Now, when you deploy and run your JSF application, you should see the debuuger stop at your break points.

How do I update the JSF implementation in the Java EE SDK (or glassfish) with the most recent version?

Starting with GlassFish 3.1.2, and continuing on with every future release, we plan to distribute Mojarra as a single jar file, javax.faces.jar. This is consistent with the rules laid down by the JavaEE architects. So, forget everything you read about jsf-api.jar and jsf-impl.jar. We suggest you rm -rf your existing GlassFish installation and start over again.

  1. Visit
  2. Type the following into the search box.
    org.glassfish:javax.faces:<version number>

    Where <version number> is one of the versions advertised as released at  Incidentally, this value is called a maven GAV (groupId, artifactId, version).

  3. Expand the tree browser in the lower left corner of the screen to expose the subtree for <version number>.
  4. Select the javax.faces-<version number>.jar
  5. In the tab panel to the right of the tree browser, select "Artifact Information" and click the "Download" button.
  6. Overwrite the file "javax.faces.jar" in the GlassFish (or later) "modules" directory with the bytes of this downloaded file. The name of the file when the download is complete must continue to be javax.faces.jar.
  7. For GlassFish and earlier, you must also update the javax.el.jar in the GlassFish "modules" directory with the one with this GAV: org.glassfish.web:javax.el:2.2.5.

What context parameters are available and what do they do?

The following context parameters are supported the reference implementation and are specific to that implementation. Thanks to Adrian Mitev for compiling this table.

Parameter name Description Default Value Introduced in Version
com.sun.faces.allowTextChildren If true, allow children of h:inputText and h:outputText to be rendered. In 1.2, they would always be rendered before the value of tag. In 2.0, they will not be rendered at all unless this flag is set. false
The value of this context init parameter is a whitespace separated list of values that control which class packages are scanned for annotations.   To restrict which jars/packages are scanned, use the following entry format: jar:<jar name>:<comma separated list of packages> So an example would be: jar:a.jar:com.acme.package1,com.acme.package2 ""
com.sun.faces.autoCompleteOffOnViewState If false, don't use autocomplete="off" when saving view state. true
com.sun.faces.cacheResourceModificationTimestamp If true, cache the modification time of the resource and use the cached time to tell if the resource needs to be refreshed
com.sun.faces.numberOfViewsInSession (note the implementation unintentionally has swapped the meaning, as we cannot change this without breaking what people have become used to we have updated this here) 15 1.2
com.sun.faces.numberOfLogicalViews Defines the maximum number of serialized views stored in the session. Works with server state saving (note the implementation unintentionally has swapped the meaning, as we cannot change this without breaking what people have become used to we have updated this here) 15 1.2
com.sun.faces.preferXHTML For the case where a browser supports xhtml and html without a quality. When enabled and this case occurs, then xhtml will be set as the content type. false 1.2
com.sun.faces.compressViewState When true the view is compressed after it is serialized and before base64 encoded. Works with client state saving. As of 1.2_09, this option also impacts server side state saving when com.sun.faces.serializeServerState is set to true (this has a large impact of the size of the state in the session when using this option, at the expense of more CPU of course) true 1.2
com.sun.faces.disableVersionTracking Version tracking detects 1.1 artifacts (FacesContext or Application implementations as an example) within the 1.2 runtime. If you have a pure 1.2 environment, then you could disable it. false 1.2
com.sun.faces.enableMissingResourceLibraryDetection If enabled, the runtime will check for the existence of a resource library before checking for the resource itself.  If not found, an appropriate error message will be included in the log and in the view if ProjectStage is Development.
com.sun.faces.sendPoweredByHeader The servlet specification defines an optional header that can be sent by a container to communicate the version of the JSP/Servlet the response was generated by. If this is enabled, then JSF/1.2 is included in this header. true 1.2
com.sun.faces.verifyObjects When true JSF makes sure all managed beans components,validators, etc can be instantiated by the runtime false 1.2
com.sun.faces.validateXml When true JSF validates the configuration files. false 1.2
com.sun.faces.displayConfiguration If true then all web configuration information (context initialization parameters and environment entries) will be written to the log. This is useful during development to confirm your application is configured as expected. Valid values for this parameter are true and false false 1.2_01
com.sun.faces.injectionProvider This parameter specifies a class that implements the InjectionProvider for more details NONE 1.2_01
com.sun.faces.serializationProvider This parameter specifies a class that implements the SerializationProvider SPI. This implementation represents a hook the JSF implementation will use in order to allow the use of alternate Serialization implementations. See the documentation of the interface for more details NONE 1.2_01
com.sun.faces.responseBufferSize This parameter specifies the size, in bytes, of the buffer that is used to write all generated content excluding state. 4096 1.2_01
com.sun.faces.clientStateWriteBufferSize This parameter specifies the size, in bytes, of the buffer that is used to write client state. It should be noted, that the buffer used is split - half is for raw bytes, the other half is for the Base64 encoded characters of said bytes. So, for example, if the default, 8192, is used, then 4096 of that is used for the bytes, and the other 4096 is used for the Base64 encoded characters. 8192 1.2_01
com.sun.faces.compressJavaScript If true, then the JavaScript rendered by h:commandLink will be compressed to reduce the amount of whitespace transmitted in the response. If false then the JavaScript will be rendered to the client in a well formatted manner. true 1.2_02
com.sun.faces.externalizeJavaScript When true a script element with a src attribute. This allows browsers to cache the JS resource instead of having to write it each time the page is accessed. false 1.2_03
com.sun.faces.enabledJSStyleHiding If true, inlined JavaScript rendered by the HTML ResponseWriter implementation will be rendered so that the script is hidden from older browser implementations. false 1.2_03
com.sun.faces.writeStateAtFormEnd Per the renderkit doc specification, the state information for the view will be written out prior to closing the form tag. However, it may be desirable to have the state information written out after the opening form tag. If this is the case, specifiy this parameter in the web.xml with a value of false. false 1.2_04
com.sun.faces.enableLazyBeanValidation If true, managed beans will be scurtinized when first created. If false, managed beans will be validated when the application is started, at the expense of a slightly slower start time. true 1.2_05
com.sun.faces.enabledLoadBundle11Compatibility See Issue 577 for details. When this flag is true, The f:loadBundle will behave as it did in JSF 1.1. If you've migrated from 1.1 to 1.2, and haven't had any issues with f:loadBundle it is safe to ignore this option. false 1.2_05
com.sun.faces.clientStateTimeout This specifies the maximum time (in seconds) that client state will be considered valid by the default StateManager/ResponseStateManager implementations. If the time between requests exceeds the configured time, a javax.faces.application.ViewExpiredException. will be thrown. It is important to note that if this feature is enabled, and client requests are recieved with view state produced from a previous version, the ViewExpiredException will be thrown immediately. NONE 1.2_05
com.sun.faces.serializeServerState If enabled the component state (not the tree) will be serialized before being stored in the session. This may be desirable for applications that may have issues with view state being sensitive to model changes. false 1.2_05
com.sun.faces.enableViewStateIdRendering If true, the view state hidden field will be rendered with both the id and name attributes having the value of "javax.faces.ViewState".This is what the spec requires, however, if there are multiple forms within a view and the response content-type is XHTML, the result will be XHTML that will fail validation due to multiple ID attributes with the same value: javax.faces.ViewState. Setting this parameter to false will result in the ID attribute not being rendered. Keep in mind however, that doing this may break integration with AJAX frameworks that get the state field via ID. See issue 433 for details. true 1.2_08
com.sun.faces.enableScriptsInAttributeValues If false, attribute values with javascript: or script: will not be rendered within attribute values to prevent potential XSS attacks. true 1.2_08
com.sun.faces.disableUnicodeEscaping By default any characters above a certain range will be escaped as either an HTML entity or a decimal reference. This behavior is not always desirable. To allow more flexibility how content is rendered to a client, this option was introduced. Valid configuration values are: false, true, and auto with false being the default. When the option value is false, Mojarra will continue to escaped no matter the response encoding type. If the configuration value is true, Then no escaping will occur assuming that the response encoding can properly handle all characters. If the configuration option is auto then the response encoding will be checked. If the encoding is of the UTF family of encodings no unicode or html entity encoding will occur, however, if the response stream encoding is ISO-8859-1 then the ISO characters above a certain range will be encoded as HTML entities and any characters above that range will be written as decimal references. false 1.2_09
com.sun.faces.developmentMode When true, class caching is disabled so that dynamic loading of Groovy artifacts can take place. (Groovy artifacts must be placed in WEB-INF/groovy, and groovy-all-1.6.9.jar must be in the classpath). Additionally, any changes made to WEB-INF/faces-config.xml or any configuration resource referenced by the javax.faces.CONFIG_FILES context parameter will cause the JSF application to reload itself (without re-deploying). false 1.2_09
com.sun.faces.enableMultiThreadedStartup By default, Mojarra starts threads at startup, for a faster startup time. Because generating threads is forbidden in Google App Engine, this option must be set to false when deploying to GAE. true 1.2_13
Context initialization parameter name for the lifecycle identifier of the Lifecycle instance to be utilized ""

In addition to the above context parameters, the following JNDI environment entries are available

JNDI Environment Entry Name
Default Value
Version introduced
java:comp/env/jsf/ClientSideSecretKey The value of this entry is passed through DatatypeConverter.parseBase64Binary() and then passed as the first argument to SecretKeySpec(byte [], "AES").  This secret key is used to encrypt the view state.
If not specified, KeyGenerator.generateKey() is used to generate the Secret Key.
java:comp/env/jsf/FlashSecretKey The value of this entry is passed through DataTypeConverter.parseBase64Binary() and then passed as the first argument to SecretKeySpec(byte [], "AES"). This secret key is used to encrypt the value of the flash cookie.
If not specified, KeyGenerator.generateKey() is used to generate the Secret Key. 2.2.7

I see this error: JSF1033: Resource injection is DISABLED

This is not necessary if you're using a milestone build of GlassFish UR1 or GlassFish V2. Edit your APPSERV_HOME/domains/<domain-name>/config/default-web.xml and add the following context init parameter:

  • Param Name: com.sun.faces.injectionProvider – Param Value: com.sun.faces.vendor.GlassFishInjectionProvider
  • Restart the modified domain.

I receive an IllegalStateException when restoring a view that uses anonymous classes for items such as Listeners

This isn't a bug in JSF state saving. In fact, serialization of anonymous class instances is discouraged due to
several known complications. These are spelled out in section 1.10 of the serialization specification.

This has been raised as an issue with the JVM team, but closed as NOT A BUG. Please see bug 4862448 for further details.

My container doesn't support ServletContextListeners defined in TLDs, what listeners are used by the Mojarra?

  • com.sun.faces.config.ConfigureListener (used to parse configuration resources and bootstrap the application)
  • com.sun.faces.application.WebappLifecycleListener (used by resource injection)
  • com.sun.faces.util.ReflectionUtils$ReflectionUtilsListener (used to init and clear reflection caches)

As of 1.2_05, there is only one listener - com.sun.faces.config.ConfigureListener.

When I depoy Mojarra as a shared library in Tomcat, an application does not work and I see a ConfigurationException: no web.xml present error in the log

One of your Tomcat applications has no web.xml in its WAR file / directory structure. A work-around for this problem is to ship Mojarra in each of your JSF applications, or to add a valid web.xml to the offending application. 

I'm running Mojarra with mvn jetty:run, and my @ManagedBean, @Validator, and @Converter classes are missing, not found. I can get it to work with mvn jetty:run-war, but this is very slow and cumbersome and kills the productivity of embedded Jetty. How can I get it working?

The problem is that Mojarra (JSF 2 RI) scans three places for classes annotated with @ManagedBean:

  1. WEB-INF/classes
  2. JARS in WEB-INF/lib
  3. classpath with META-INF/faces-config.xml

Since Jetty reads the class files from target/classes in embedded mode, JSF 2 doesn't know to scan them there (unless META-INF/faces-config.xml is present). Basically, instead of just scanning all classpath entries, Mojarra is very specific.

If you really want to get productive with JSF 2 right out of the box w/ embedded Jetty, I recommend looking into the weld-jsf-servlet-minimal artifact, which prepares a JSF 2.0 and CDI 1.0 application for you.

If you use @Named classes (from CDI) rather than @ManagedBean (from JSF 2), a substitue I recommend anyway, then you can get the productive you want.

Here is the workaround with Mojarra with regard to the scanning: If you put faces-config.xml in src/main/resources/META-INF, then it will find the classes you want.

What are some FrameMaker tips?

Here is a dump of Ed's collected Frame Crib Sheet

How to deal with the spec in general

Launch frame by double clicking on the book. Then open all the chapters.

How to generate the PDF

Update dates. On TitlePage .fm update the expert draft version.

Make sure page numbers are updated. File->Edit->Update Book, make sure all boxes are checked.

File->Save as Book. Choose PDF type and location, and accept defaults in setting window, pressing Set on that window.

How To tell FrameMaker to expand or not expand the TOC when generating the PDF

It's in the Settings window:

Cannot resolve external resource into attachment.

How to deal with changebars

How to get rid of them.

Format->Document->Change Bars. Do this for each chapter.

Revision tagging process

When all of the work for a spec revision has been completed, check the work in, tag the workspace, then clear the changebars in all the chapters, and re-check in the files so they're ready for more revisions.

Special character stuff

The character catalog is accessed with the little "f" icon in the upper right hand corner of the inividual MDI window. The Default Font mode is the normal mode. The code mode is for code. The emphasis mode is for italics. Don't use the Italic button.

Special paragraph stuff

The paragraph catalog is like the character catalog, but it's a paragraph symbol that accesses it. Commonly used ones are:

Paragraph is the default

Code Bullet 1 is when quoting the API method and signature

Bullet 1 is a bulletted list.

*Codeline is nice for showing XML code. You have to hit the tab key one more time than you think.


Like word, but not as nice.

How to do cross references in frame

Make sure the both the source and target documents are loaded into Frame.

Go to where you want to put the "source" of the reference, and usually, you type "please see". Right click and choose "Cross-Reference".

In the "Cross-Reference" dialog, twiddle the "Document:" drop-down to choose the document in which the target resides.

Twiddle the "Source Type" widget to say "Paragraphs"

Twiddle the "Paragraph Tags" option list to choose the paragraph type, say "Head2" to which you want to refer. As you choose different paragraph types, the section headers should show up in the "Paragraphs" list, to the right. Choose the one you want!

Twiddle the "Format" widget to show the right style, usually "SectionNumber&Title".

Press Insert.


If you can re-create those images as PCX files, you can import them in to the document and they should look good.

How do you fix the PDF bookmarks to be correct?

Here are the tags and their order:


To reorder them:

  1. Open the Book file.
  2. Open Format->Document->PDF Setup.
  3. Shift-click the right arrow button (--->) to remove all tags from the Include Paragraph box.
  4. Select the tags listed above click the left arrow button (<---) to move them to the Include Paragraph box.
  5. Adjust the bookmark levels according to the list above by selecting the tag and moving them with the << and >> buttons. For example, move the TitleText tag all the way to the left by selecting TitleText and clicking << until it moves to the far left of the Include Paragraph box. ChapterTitle should be one click to the right of TitleText . Head1 should be two clicks, and so on.
  6. Save the Book file.
  7. Generate the PDF.

Conditional Text

How to show/hide conditional text in frame.

Frame doesn't strip it out, but you can show/hide conditional text before you generate the PDF.

  1. Open the Conditional Text dialog box by selecting Special>Condition Text....
  2. Click Show/Hide.
  3. Move Comment and any other conditional text you want hidden to the Hidden column.
  4. Click Set.

The Show Condition Indicators checkbox toggles whether conditional text should use colors or be black . For instance, the Comment conditional text setting makes the text red and underlined when Show Condition Indicators is checked.

A tip on hiding all conditional text in a book:

  1. Follow the above steps to hide the conditional text in one of the chapter files.
  2. Open the book file.
  3. Select File>Import>Formats.
  4. In Import From Document select the chapter file you worked on.
  5. Uncheck all the boxes in Import and Update except Conditional Text Settings.
  6. Uncheck the boxes in While Updating, Remove.
  7. Click Import.
How to add new conditional text
  1. Open the Conditional Text dialog box.
  2. Type the text you want conditionalized.
  3. Select the text.
  4. In the Conditional Text dialog box, double click, for instance, Comment from the Not In or As Is column to move it to the In column. This automatically selects the Conditional radio button in Currect Selection Is.
  5. Click Apply.

If you are marking an entire paragraph as conditional text, make sure you select the paragraph marker (viewable when you select View>Text Symbols). If you don't, there will be empty lines in the book when you turn off the conditional text.

How to search in conditional text
  1. Open the search dialog box (Edit>Find/Change).
  2. In the Find field select Conditional Text....
  3. Select the Conditional Text setting.
  4. Enter the search terms.
  5. Click Find.

What are some WebLogic Server (WLS) Tips?

How do I install WLS?

WLS 12.1.1 has Mojarra 2.0.4-b07.  Here's how to run it.

  1. Download this jar wls1211_generic.jar and run java -jar on it.  Run through the "Typical" prompts.  Set the userid and password to be weblogic:weblogic1. 
  2. When this is done the server can be started by cding to <install_dir>/user_projects/domains/base_domain/bin and running the ./ script (or OS specific equivalent).
  3. If the server doesn't start and complains about java endorsed dirs, modify this script <install_dir>/wlserver_12.1/common/bin/ so that wherever the -Djava.endorsed.dirs system property is mentioned, point to one that works.  It's been found that the one from GlassFish works well. See this diff for the idea.
    -    JAVA_OPTIONS="${JAVA_OPTIONS} -Djava.endorsed.dirs=${JAVA_HOME}/jre/lib/endorsed${PATHSEP}${MODULES_DIR}/endorsed"
    +    JAVA_OPTIONS="${JAVA_OPTIONS} -Djava.endorsed.dirs=/home/ejburns/Documents/JavaEE/workareas/mojarra-1HEAD/glassfish-3.1.2/glassfish3/glassfish/modules/endorsed"
  4. If you want to enable debugger attaching, edit this script <install_dir>/user_projects/domains/base_domain/bin/
    ---    2012-07-31 11:52:47.343586000 -0700
    +++     2012-07-31 12:05:07.122841000 -0700
    @@ -71,6 +71,8 @@
     export BEA_JAVA_HOME
     export SUN_JAVA_HOME
    @@ -341,6 +343,8 @@
     export JAVA_DEBUG
     if [ "${debugFlag}" = "true" ] ; then
            JAVA_DEBUG="-Xdebug -Xnoagent -Xrunjdwp:transport=dt_socket,address=${DEBUG_PORT},server=y,suspend=n -Djava.compiler=NONE"
            export JAVA_DEBUG

    Once this is done, the debugging port is 8543 by default.

  5. When you start the server, the Admin GUI is at http://<hostname>:7001/console/ by default.

Where is the JSF binary code inside WLS

This varies from release to release, but in 12.1.1, for JSF 2.0.4-b07, jsf-api.jar is <install_dir>/modules/javax.jsf_1.0.0.0_2-0.jar and jsf-ri.jar is <install_dir>/modules/glassfish.jsf_1.0.0.0_2-0-4.jar.  These files can be patched with updated .class files as necessary for debugging purposes.

  1. General JSF-related questions

How do I write a JSF component?

Component writing can be, at least at first, an almost overwhelming task. To make things a bit simpler, Mojarra committer Jason Lee has written a quick check list of things to do when writing components, with special attention paid to those areas where the 1.1 and 1.2 specs differ.

Can I download the Mojarra jars from a Maven repository?

Maven 2 Repository for JSF 2.0 and Later


Maven 1 Repository for JSF 1.2 and Earlier


I'm trying to deploy to a non-EE server. Where do I find the EL jars?

The EL jars are also available via's Maven repository.

What are the differences between Server and Client side state saving and what are the benefits/drawbacks of each?

Server side state saving is where the component tree and all component state are stored within
the user's session. This entry within the session is tracked by writing a key in the response
that is used to lookup the entry on subsequent post-backs.

Client side state saving doesn't leverage the server side session mechanism at all, instead,
the component tree and state will be serialized using Java Serialization, GZIP compressed
(at least that is the default), Base64 encoded, and written to the response. When a post-back
occurs, the encoding process will be reversed which will result in the tree and state we started

As to the benefits/drawbacks, review the following table.

State Saving Method Server Side Memory Usage CPU Usage Bandwidth Usage
Server without compression High Low Low
Server with compression Low/Medium High Low
Client with compression Low High Medium
Client without compression Low Med High

Mojarra has three context initialization parameters that affect client side state saving:

  • com.sun.faces.compressViewState - Defaults to true. If disabled, GZIP compression will not be used
  • com.sun.faces.clientStateWriteBufferSize - Defaults to 8192. This parameter specifies the size, in bytes, of the buffer that is used to write client state. It should be noted, that the buffer is split - half is for raw bytes, the other half is for the Base64 encoded characters of said bytes. So, for example, if the default, 8192, is used, then 4096 of that is used for the bytes, and the other 4096 is used for the Base64 encoded characters. This is 8192, per request. Depending on the average complexity of the views in the application, this parameter may be adjusted up or down as appropriate.
  • com.sun.faces.serializationProvider - This parameter specifies a class that implements the SerializationProvider SPI. This implementation represents a hook the JSF implementation will use in order to allow the use of alternate Serialization implementations.

There are four context initialization parameters for server side state saving:

  • com.sun.faces.numberOfViewsInSession - Defaults to 15. This parameter defines the maximum number of JSF views stored in the session for per logical view. The map used to store the views uses an LRU algorithm to keep the map from growing beyond the configured value.
  • com.sun.faces.numberOfLogicalViews - Defaults to 15. This parameter defines the maximum number of logical views to store per session. The map used to store the logical views uses an LRU algorighm to keep the map from growing beyone the configured value.
  • com.sun.faces.serializeServerState - Defaults to false. When set to true, the state for the view will be serialized within the session. This may be desirable in the case where view state is sensitive to model changes (as of 1.2_08)
  • com.sun.faces.compressViewState - Defaults to true. This option is only taken into account when com.sun.faces.serializeViewState is set to true. Compressing the serialized view state shows a significant reduction in retained memory for the server state within the session. This reduction in memory comes at the cost of increased CPU utilization (mostly from the serialization). This compression flag is only considered in 1.2_09 or later.

A comment on the numberOfXXX parameters. Logical views are best defined as top level view that may have one or more actual views inside
of it. A new logical view entry will be created any time a GET occurs (a new request, a frameset, two browser windows...). The value
of this logical entry is another Map that will be used to store the view information (i.e. the structure and state). As a user progresses
through an application using standard JSF navigation mechanisms, additional view state will be added to the Map associated with a single
logical view.

As an example, using the jsf-guessNumber application.

  • First request results in a state marker value of j_id1:j_id2. j_id1 represents the logical view, and j_id2 represents the actual view state.
  • Next, enter a guess. The new state marker value is j_id1:j_id3 - again j_id1 being the logical view, and j_id3 being the actual view. So at this point, the Map associated with logical view j_id1 has two entries, j_id2, and i_id3.
  • Next, click the Back button, and the new marker is j_id1:j_id4.
  • Now, issue a request to the context root of the application and notice that the state marker has now changed to j_id5:j_id6. As stated above, each GET will cause a new logical entry to be created. At this point, there are two logical Maps, j_id1 and j_id5. Logical Map j_id1, has three entries, j_id2, j_id3, and j_id4. Logical Map j_id5, has a single entry, j_id6.

How can I secure view state when using client side state saving?

By default, view state will not be encrypted. However, there is a way to do this within the Mojarra.

Specify a environment entry like so:

        <env-entry-value>[SOME VALUE]</env-entry-value>

The presence of this JNDI entry will cause the state to be encrypted using
the specified password. We realize this isn't the most secure way of conveying
a password, however, this cannot be accessed easily without having code executed
on the server side.

When I try to run my application, I see this exception: javax.servlet.ServletException: Cannot find FacesContext How do I fix this?

This is most probably caused by a request going to your server but not being picked up by the FacesServlet. Make sure you have properly mapped the FacesServlet. You need to follow the insructions in Writing the web.xml File and Invoking the FacesServlet in the JavaServer Faces Tutorial.

Why doesn't my navigation rule trigger a matching security constraint?

This occurs because security constraints aren't applied by the container when using
RequestDispatcher.forward() as the default NavigationHandler implementation will do.
In order to overcome this, you must configure the navigation to perform a redirect instead.
You can do this by adding an empty redirect element to the rule.

Do I have to use a JSP 2.1/Servlet 2.5 container with the Mojarra version 1.2?

If you're using JSPs for your view descriptions, then yes, you will need to use a
JSP 2.1/Servlet 2.5 compliant container. However, if you're using another view
technology, such as Facelets or JSFTemplating, you can run JSF 1.2 within a Servlet
2.4 container with out issue.

How does resource injection with the Mojarra work?

First, some general webtier resource injection information can be found here. This documents what all EE5 containers will provide at the webtier level. This provides some basic examples that should get the typical application developer started.

I'm trying to integrate the Mojarra 1.2 with our EE5 container, but resource injection of managed beans doesn't work. Why?

Mojarra doesn't provide it's own resource injection mechanism. Instead, it exposes an InjectionProvider SPI that container vendors can
implement which will allow Mojarra to take advantage of the container's resource injection mechanisms. This blog entry covers the details of the SPI and how it works.

That said, Mojarra includes InjectionProviders for the following containers: GlassFish, Tomcat 6, and Jetty 6.

It should be noted that in all cases what can be injected in a ManagedBean is purely a semantic of what the host
container supports. If you're application was written with JavaEE 5 in mind, the application would be portable to
all EE5 compliant containers, but may not run in, say, Tomcat 6 or Jetty 6. In those two cases, we only inject
what the container itself supports.

I want to use Mojarra with Google App Engine (GAE)

There are instructions for this at this site.

I want to use Mojarra 2.2.x on GlassFish

You must update three jar files in the GlassFish modules directory.

  • replace javax.faces.jar with the one for 2.2.x
  • replace javax.el.jar with javax.el-2.2.5.jar
  • replace weld-osgi-bundle.jar with weld-osgi-bundle-1.1.11.Final.jar.

All of these are in the Maven Central repository.

I want to use Mojarra 1.2 in Glassfish v3

Include a sun-web.xml file in the war that has the following lines:

<class-loader delegate="false"/>
<property name="useBundledJsf" value="true" />

and bundle Mojarra 1.2 into the WAR as well, and it should work.

I want to use Mojarra 2.0 in Glassfish v2 (or Oracle App Server 9.1)

For a per-app basis, do this:

Include a sun-web.xml file in the war that has the following lines:

<class-loader delegate="false"/>
<property name="useMyFaces" value="true"/>

and bundle Mojarra 2.0 into the WAR as well, and it should work.

For upgrading the whole app server to Mojarra 2.0, see the release notes

I want to use Mojarra 2.0 with the new EL in Tomcat

Please see Cay's blog on the topic

Hudson concerns

I keep getting OutOfMemoryError. How do I fix it?

Make sure your -Xmx is high enough. 4096 works. Also, I've seen the need to add ulimit -h 4096 to the system.

Mojarra 2.0.0 Schedule

Mojarra 2.0.0 Schedule

Mojarra Code Coverage Information

Mojarra Code Coverage Information