1. About the Documentation

The documentation of JoinFaces 5.3.0 consists of two parts:

  • This Reference Guide

  • The Javadoc API

The latest copy of the user guide is available at docs.joinfaces.org/current/reference
and the corresponding javadocs can be found at docs.joinfaces.org/current/api.

Copies of this document may be made for your own use and for distribution to others, provided that you do not charge any fee for such copies and further provided that each copy contains this Copyright Notice, whether distributed in print or electronically.

All of JoinFaces is open source, including this documentation. The source can be found on GitHub.

2. Getting Started

JoinFaces enables JSF usage inside Spring Boot Applications.

If you’re not familiar with Spring Boot, you should read its Getting Started guide first.
Table 1. Official example projects
Build tool \ packaging jar war







2.1. System Requirements

Unless otherwise noted, JoinFaces has the same system requirements as Spring Boot 3.3.0.

Make sure to use JoinFaces only on the classpath and not on the modulepath.

2.2. Dependency Management

Each release of JoinFaces provides curated lists of dependencies that it supports:

  • joinfaces-bom contains dependency management information for all JoinFaces modules.

  • joinfaces-dependencies contains dependency management for external dependencies like Primefaces.

  • joinfaces-platform combines the first two together with Spring Boot’s dependency management

The joinfaces-platform BOM also imports the spring-boot-dependencies BOM. If you want to override the imported Spring Boot version, you can import joinfaces-bom, joinfaces-dependencies and the Spring Boot BOM separately.

Figure 1. Relationships between different BOMs

The complete list of managed versions can befound in the appendix Dependency versions.

2.3. Maven

Please also consult the official Spring Boot documentation: Link
        <relativePath/> <!-- lookup parent from repository -->





2.4. Gradle

Please also consult the official Spring Boot documentation: Link
plugins {
    id 'java' //or 'war'
    id 'org.springframework.boot' version '3.3.0'

dependencies {
    implementation platform('org.joinfaces:joinfaces-platform:5.3.0')
    implementation 'org.joinfaces:faces-spring-boot-starter'

    testImplementation 'org.springframework.boot:spring-boot-starter-test'

tasks.named('test') {

3. JoinFaces Features

3.1. Starters

There are many JoinFaces Starters available: six basic starters, meta starter, security starter, component starters, theme starter and extra starter.

While most of the starters can be combined, some starters are mutually exclusive:

  • mojarra3-spring-boot-starter, mojarra4-spring-boot-starter, myfaces3-spring-boot-starter and myfaces4-spring-boot-starter

  • weld-spring-boot-starter and openwebbeans-spring-boot-starter

You can use the table below to discover the starters that fit your needs.

Table 2. JoinFaces starters
Starter Description


Meta starter that pulls spring-boot-starter-tomcat and mojarra3-spring-boot-starter.


Meta starter that pulls spring-boot-starter-tomcat and mojarra4-spring-boot-starter.


Basic starter for Mojarra JSF implementation.


Basic starter for Mojarra JSF implementation.


Basic starter for MyFaces JSF implementation.


Basic starter for MyFaces JSF implementation.


Basic starter for Weld CDI Reference Implementation.


Basic starter for Apache OpenWebBeans CDI Implementation.


Security starter. Pulls faces-spring-boot-starter, spring-boot-starter-security and joinfaces-security-taglib.


Component starter for PrimeFaces, and PrimeFaces Extensions JSF Component libraries. Pulls faces-spring-boot-starter.


Component starter for OmniFaces JSF utility library. Pulls faces-spring-boot-starter and weld-spring-boot-starter.


Template and Theme starter for AdminFaces. Pulls primefaces-spring-boot-starter.

3.1.1. Not using Tomcat or Mojarra

faces-spring-boot-starter and jsf-spring-boot-starter pull Tomcat and Mojarra as defaults. If you want to change this, you have to exclude one starter and pull another one instead.

The principle behind this is the same as described here:

Example 1. Using MyFaces instead of Mojarra
dependencies {
    implementation "org.joinfaces:faces-spring-boot-starter"
    implementation "org.joinfaces:myfaces-spring-boot-starter"
    modules {
        module("org.joinfaces:mojarra4-spring-boot-starter") {
            replacedBy("org.joinfaces:myfaces4-spring-boot-starter", "Use MyFaces instead of Mojarra")
    // ...

3.2. Servlet-Context Init-Parameters

JSF implementations and JSF component libraries are usually configured using servlet context init parameters in web.xml:


Spring Boot based applications — especially when using jar-packaging — usually don’t have a web.xml file. Therefore JoinFaces maps these options to Spring Boot properties:


The full list of all properties can be found in the chapter Configuration Properties.

Most of these properties default to null, so the corresponding parameter isn’t set to the servlet-context. This allows the underlying library to use their own default behaviour.

If you need a to set a parameter which isn’t specially handled by JoinFaces, you can still set it using this generic way:


3.3. Library Specific Features

This section describes, what JoinFaces does for specific libraries.

3.3.1. AdminFaces

  • Configurations are mapped from the joinfaces.adminfaces.* properties.

  • Spring Component scan for selected com.github.adminfaces.template.*-packages.

  • primefaces.THEME is set to admin.

  • primefaces.FONT_AWESOME is set to true.

3.3.2. Mojarra

  • com.sun.faces.* servlet-context init-parameters are mapped from joinfaces.mojarra.* properties.

  • com.sun.faces.config.FacesInitializer is executed for embedded servlet containers.

3.3.3. MyFaces

  • org.apache.myfaces.* servlet-context init-parameters are mapped from joinfaces.myfaces.* properties.

  • org.apache.myfaces.ee.MyFacesContainerInitializer is executed for embedded servlet containers.

  • org.apache.myfaces.webapp.StartupServletContextListener is registered for embedded servlet containers.

  • A org.apache.myfaces.spi.AnnotationProvider implementation is provided for embedded servlet containers which reuses the classpath-scan results from MyFacesContainerInitializer.

3.3.4. OmniFaces

  • org.omnifaces.* servlet-context init-parameters are mapped from joinfaces.omnifaces.* properties.

  • org.omnifaces.facesviews.FacesViewsInitializer or org.omnifaces.ApplicationInitializer are executed for embedded servlet containers.

3.3.5. PrimeFaces

  • primefaces.* servlet-context init-parameters are mapped from joinfaces.primefaces.* properties.

3.3.6. Weld

  • org.jboss.weld.environment.servlet.EnhancedListener is executed for embedded servlet containers.

3.3.7. Apache OpenWebBeans

  • org.apache.webbeans.servlet.WebBeansConfigurationListener$Auto is executed for embedded servlet containers.

3.4. JSF and CDI scope-annotations support

JSF and CDI scope-annotations are automatically supported.

The following annotations can be used to define the scope of Spring beans:

3.4.2. New JSF Scope annotation (JSF >= 2.2)

3.4.3. Old JSF Scope annotations (JSF ⇐ 2.1)

The following annotations are only supported for backwards compatibility. New applications should only use the annotations above.

3.4.4. CDI Annotations

3.5. Spring Security JSF Facelet Tag support

JoinFaces enables Spring Security JSF Facelet Tag support in order to secure JSF pages. It will work if Spring Security is present at classpath.

Table 3. Spring Security JSF Facelet Tags
Tag Description


perform Spring Security authorization decisions, using attributes: ifAnyGranted, ifAllGranted, ifNotGranted, access, url, method, var.


verify if the user is anonymous.


verify if the user is not anonymous.


verify if the is not an anonymous or a remember-me user.

Table 4. Spring Security JSF Facelet Functions
Function Description


returns true if the user has all of of the given authorities.


returns true if the user has any of the given authorities.


returns true if the user does not have any of the given authorities.


returns true if the user is allowed to access the given URL and HTTP method combination.


returns true if user is anonymous.


returns true if the user is not anonymous.


returns true if the is not an anonymous or a remember-me user.

Spring Web Flow has similar feature. JoinFaces Spring Security JSF Facelet Tag has different tags and functions signatures, does not requires additional configuration nor require Spring Web Flow.

4. 'How-to' guides and FAQs

4.1. Traditional war deployment

JoinFaces can be used in traditional web applications which are deployed to an existing servlet-container.

  1. Create a deployable war file as descibed in the Spring Boot Reference Guide.

  2. Mark all dependencies as provided which will be provided by the server you are deploying to. (Keep in mind that full Java-EE servers like Glassfish or WebLogic already provide a JSF implementation and other Java-EE related libraries which the joinfaces starters have to pull in for embedded containers.)

  3. The Servlet and ServletFilter configurations through joinfaces.faces-servlet will not work correctly. You can configure those in the traditional way in web.xml if you need to.

4.2. Internationalization and Resources Bundles

JoinFaces based applications can use two different mechanisms for internationalization, which can be mixed up easily.

  1. JSF <resource-bundle>

  2. Spring MessageSource

We recommend to only use one of the mechanisms in order to avoid confusion. If you want to or have to use both anyways, keep in mind that these are different API’s which have to be configured differently and might behave slightly different.

4.2.1. JSF <resource-bundle>

JSF resource bundles work the same way in JoinFaces as they would in a plain JSF application.

Just declare the resources bundle in your faces-config.xml:


Doing so, allows you to access your messages like this: #{msg['foo.bar']}

The properties files of the resource bundle have to be ISO-8859-1 encoded.

4.2.2. Spring MessageSource

As second option, Spring’s own internationalization infrastructure (the MessageSource-API) can be used.

JoinFaces exposes the Spring MessageSource as Map through the sms bean, so it can be easily used from JSF EL: #{sms['my.message.key']}.

The MessageSource which is auto-configured by Spring Boot uses UTF-8 by default. This can be changed through the spring.messages.encoding property.

Appendix A: Configuration Properties

This appendix contains a alphabetical list of all properties handled by JoinFaces.

The properties already supported by Spring Boot itself aren’t listed here again. They can be found in the corresponding chapter of the Spring Boot Reference Guide.

## joinfaces.adminfaces
joinfaces.adminfaces.auto-hide-messages= # If true PrimeFaces info messages will be hidden after a certain timeout.
joinfaces.adminfaces.auto-show-navbar= # Automatic shows navbar when users scrolls page up (on small screens).
joinfaces.adminfaces.breadcrumb-size= # Number of breadcrumbs to queue before removing the older ones.
joinfaces.adminfaces.closable-loading= # When true, closeable loading is enabled.
joinfaces.adminfaces.date-format= # Date format used in error page (500.xhtml), by default it is JVM default format.
joinfaces.adminfaces.disable-filter= # Disables AdminFilter, responsible for redirecting user after session timeout, sending user to logon page when it is not logged in among other things.
joinfaces.adminfaces.enable-mobile-header= # When true, the mobile header is enabled.
joinfaces.adminfaces.enable-ripple= # When true it will create a wave/ripple effect on elements specified by rippleElements.
joinfaces.adminfaces.enable-slide-menu= # If true will make left menu touch enable (can be closed or opened via touch).
joinfaces.adminfaces.extension-less-urls= # Removes extension suffix from breadCrumb links.
joinfaces.adminfaces.icons-effect= # Enables material effect when icons (e.g modal close, calendar) are clicked.
joinfaces.adminfaces.ignored-resources= # Comma separated resources (pages or urls) to be skiped by AdminFilter.
joinfaces.adminfaces.index-page= # index page location.
joinfaces.adminfaces.loading-image= # image used for the loading popup.
joinfaces.adminfaces.login-page= # login page location (relative to webapp).
joinfaces.adminfaces.messages-hide-timeout= # Timeout to hide info messages.
joinfaces.adminfaces.render-ajax-status= # When false ajaxStatus, which triggers the loading bar on every ajax request, will not be rendered.
joinfaces.adminfaces.render-bread-crumb= # When false, the breadCrumb component, declared in admin template, will not be rendered.
joinfaces.adminfaces.render-control-sidebar= # When true it will activate control sidebar component.
joinfaces.adminfaces.render-form-asterisks= # When true, the asterisk on required form elements is rendered.
joinfaces.adminfaces.render-menu-search= # Enables or disables menu search.
joinfaces.adminfaces.render-messages= # When false, p:messages defined in admin template will not be rendered.
joinfaces.adminfaces.ripple-elements= # A list of comma separated list of (jquery) selector which elements will be affected by ripple effect.
joinfaces.adminfaces.ripple-mobile-only= # When true the ripple effect will be enabled only on mobile (small) screens.
joinfaces.adminfaces.skin= # Default template skin.
joinfaces.adminfaces.skip-message-detail-if-equals-summary= # When true, p:message will not show details if equals to summary.
joinfaces.adminfaces.template-path= # Template path.

## joinfaces.adminfaces.control-sidebar
joinfaces.adminfaces.control-sidebar.boxed-layout= # Boxed layout.
joinfaces.adminfaces.control-sidebar.dark-skin= # Changes control sidebar skin between dark and light.
joinfaces.adminfaces.control-sidebar.expand-on-hover= # When true left sidebar will expand on mouse hover.
joinfaces.adminfaces.control-sidebar.fixed= # When true control sidebar will be fixed on the page.
joinfaces.adminfaces.control-sidebar.fixed-layout= # Toggles fixed layout where navbar is fixed on the page.
joinfaces.adminfaces.control-sidebar.left-menu-template= # Switches layout between left (default) and top menu.
joinfaces.adminfaces.control-sidebar.show-on-mobile= # When true control sidebar will be also rendered on mobile devices.
joinfaces.adminfaces.control-sidebar.sidebar-collapsed= # When true left sidebar will be collapsed.

## joinfaces.faces
joinfaces.faces.always-perform-validation-when-required-is-true= # If this param is set, and calling toLowerCase().equals("true") on a String representation of its value returns true, validation must be performed, even when there is no corresponding value for this component in the incoming request.
joinfaces.faces.automatic-extensionless-mapping= # The ServletContext init parameter consulted by the runtime to tell if the automatic mapping of the FacesServlet to the extensionless variant (without *.xhtml) should be enabled.
joinfaces.faces.client-window-mode= # The context-param that controls the operation of the {@code ClientWindow} feature.
joinfaces.faces.config-files= # Comma-delimited list of context-relative resource paths under which the Jakarta Faces implementation will look for application configuration resources (see Application Configuration Resource Format), before loading a configuration resource named “/WEB-INF/faces-config.xml” (if such a resource exists).
joinfaces.faces.datetimeconverter-default-timezone-is-system-timezone= # Controls if DateTimeConverter instances use the system timezone (if true) or GMT (if false).
joinfaces.faces.default-suffix= # Allow the web application to define an alternate suffix for Jakarta Server Pages pages containing Jakarta Faces content.
joinfaces.faces.disable-facelet-jsf-viewhandler= # If this param is set, and true, the default ViewHandler must behave as specified in the latest 1.2 version of this specification.
joinfaces.faces.disable-facesservlet-to-xhtml= # The {@code ServletContext} init parameter consulted by the runtime to tell if the automatic mapping of the {@code FacesServlet} to the extension {@code *.xhtml} should be disabled.
joinfaces.faces.enable-websocket-endpoint= # The boolean context parameter name to explicitly enable web socket endpoint during startup.
joinfaces.faces.facelets-buffer-size= # The buffer size set on the response.
joinfaces.faces.facelets-decorators= # TagDecorator implementations.
joinfaces.faces.facelets-libraries= # Semicolon-separated list of paths to Facelet tag libraries.
joinfaces.faces.facelets-refresh-period= # Time in seconds that facelets should be checked for changes since last request.
joinfaces.faces.facelets-resource-resolver= # An implementation of jakarta.faces.view.facelets.ResourceResolver.
joinfaces.faces.facelets-skip-comments= # If true, strip XML comments out of Facelets before delivering to the client.
joinfaces.faces.facelets-suffix= # Set the suffix for Facelet xhtml files.
joinfaces.faces.facelets-view-mappings= # Semicolon-separated list of Facelet files that don't use the default facelets suffix.
joinfaces.faces.full-state-saving-view-ids= # Semicolon-separated list of view IDs that must save state using the JSF 1.2-style state saving.
joinfaces.faces.honor-current-component-attributes= # The {@code ServletContext} init parameter consulted by the {@code UIComponent} to tell whether or not the {@link UIComponent#CURRENT_COMPONENT} and {@link UIComponent#CURRENT_COMPOSITE_COMPONENT} attribute keys should be honored as specified.
joinfaces.faces.interpret-empty-string-submitted-values-as-null= # If true, consider empty UIInput values to be null instead of empty string.
joinfaces.faces.lifecycle-id= # ID for alternate Lifecycle implementations.
joinfaces.faces.number-of-client-windows= # Indicate the max number of ClientWindows, which is used by ClientWindowScoped.
joinfaces.faces.partial-state-saving= # If true, use the JSF2 partial state saving for views.
joinfaces.faces.project-stage= # Set the project stage to "Development", "UnitTest", "SystemTest", or "Production".
joinfaces.faces.resource-excludes= # A space separated list of resource extensions for types that shouldn't be served by the ResourceHandler implementation.
joinfaces.faces.separator-char= # The context-param that allows the separator char for clientId strings to be set on a per-web application basis.
joinfaces.faces.serialize-server-state= # If this param is set, and calling toLowerCase().equals("true") on a String representation of its value returns true, and the jakarta.faces.STATE_SAVING_METHOD is set to "server" (as indicated below), the server state must be guaranteed to be Serializable such that the aggregate state implements java.io.Serializable.
joinfaces.faces.state-saving-method= # "server" or "client".
joinfaces.faces.validate-empty-fields= # If "true", validate null and empty values.
joinfaces.faces.viewroot-phase-listener-queues-exceptions= # If this param is set, and calling toLowerCase().equals("true") on a String representation of its value returns true, exceptions thrown by {@link PhaseListener}s installed on the {@code UIViewRoot} are queued to the {@link jakarta.faces.context.ExceptionHandler} instead of being logged and swallowed.
joinfaces.faces.webapp-contracts-directory= # If a {@code <context-param>} with the param name equal to the value of {@link ResourceHandler#WEBAPP_CONTRACTS_DIRECTORY_PARAM_NAME} exists, the runtime must interpret its value as a path, relative to the web app root, where resource library contracts are to be located.
joinfaces.faces.webapp-resources-directory= # If a {@code <context-param>} with the param name equal to the value of {@link ResourceHandler#WEBAPP_RESOURCES_DIRECTORY_PARAM_NAME} exists, the runtime must interpret its value as a path, relative to the web app root, where resources are to be located.
joinfaces.faces.websocket-endpoint-port= # The integer context parameter name to specify the websocket endpoint port when it's different from HTTP port.

## joinfaces.faces-servlet
# Configures the FacesServlet handled by JoinFaces.
joinfaces.faces-servlet.enabled=true # If the FacesServlet should be actively handled by Joinfaces.
joinfaces.faces-servlet.order=0 # The order-property for the ServletRegistrationBean.

## joinfaces.faces.validator
joinfaces.faces.validator.disable-default-bean-validator= # If "true", disable JSR-303 Bean Validation.
joinfaces.faces.validator.enable-validate-whole-bean= # If this param is set, and calling toLowerCase().equals("true") on a String representation of its value returns true, the <f:validateWholeBean /> tag is enabled.

## joinfaces.jetty
joinfaces.jetty.class-path-resource=META-INF/resources # Classpath to find jsf resources Default to META-INF/resources.

## joinfaces.mojarra
joinfaces.mojarra.allow-text-children= # If true, allow children of h:inputText and h:outputText to be rendered.
joinfaces.mojarra.allowed-http-methods= # A white space separated list of case sensitive HTTP method names that are allowed to be processed by this servlet. * means allow all.
joinfaces.mojarra.annotation-scan-packages= # The value of this context init parameter is a whitespace separated list of values that control which class packages are scanned for jakarta.faces annotations.
joinfaces.mojarra.auto-complete-off-on-view-state= # If false, don't use autocomplete="off" on view state hidden input field.
joinfaces.mojarra.cache-resource-modification-timestamp= # If true, cache the modification time of the resource and use the cached time to tell if the resource needs to be refreshed.
joinfaces.mojarra.client-state-timeout= # Maximum time, in seconds, that client state will be considered valid by the default StateManager/ResponseStateManager implementations.
joinfaces.mojarra.client-state-write-buffer-size= # The size, in bytes, of the buffer that is used to write client state.
joinfaces.mojarra.compress-java-script= # If true, then the JavaScript rendered by h:commandLink will be compressed to reduce the amount of whitespace transmitted in the response.
joinfaces.mojarra.compress-view-state= # When true, the view is compressed after it is serialized and before base64 encoded.
joinfaces.mojarra.compressable-mime-types= # Specify mime types that should be gzip compressed.
joinfaces.mojarra.default-resource-max-age= # This affects the value of the Expires response header that will be sent for a resource.
joinfaces.mojarra.disable-client-state-encryption= # Since Mojarra 2.2, the client state is by default always encrypted.
joinfaces.mojarra.disable-id-uniqueness-check= # If true, then component ID uniqueness won't be checked if ProjectStage is Production to enhance performance.
joinfaces.mojarra.disable-unicode-escaping=false # By default any characters above a certain range will be escaped as either an HTML entity or a decimal reference.
joinfaces.mojarra.disable-version-tracking= # Javadoc not found.
joinfaces.mojarra.disallow-doctype-decl= # When this context param is set to true, this would set a feature on the SAX parser to disallow DOCTYPE declarations.
joinfaces.mojarra.display-configuration= # If true then all web configuration information (context initialization parameters and environment entries) will be written to the log.
joinfaces.mojarra.duplicate-j-a-r-pattern= # Javadoc not found.
joinfaces.mojarra.enable-agressive-session-dirtying= # If true, makes it so every session attribute is touched in for every request through the lifecycle.
joinfaces.mojarra.enable-client-state-debugging= # When true, the client state will as test be unserialized before writing and any serialization exceptions will be logged aInteger with a debug path to the cause of the serialization error.
joinfaces.mojarra.enable-core-tag-lib-validator= # When true, enable validation of standard Core TagLibs, at the expense of a slightly slower start time.
joinfaces.mojarra.enable-distributable= # If true, signal JSF that the application is deployed to a clustered environment, so that session dirtying will be explicitly performed, hereby forcing session replication.
joinfaces.mojarra.enable-facelets-resource-resolver-composite-components= # See issue 3684 for details.
joinfaces.mojarra.enable-groovy-scripting= # Javadoc not found.
joinfaces.mojarra.enable-html-tag-lib-validator= # When true, enable validation of standard Html TagLibs, at the expense of a slightly slower start time.
joinfaces.mojarra.enable-http-method-restriction-phase-listener= # add the HttpMethodRestrictionPhaseListener if the parameter is enabled.
joinfaces.mojarra.enable-j-s-style-hiding= # Javadoc not found.
joinfaces.mojarra.enable-lazy-bean-validation= # When true, managed beans will be validated when first created.
joinfaces.mojarra.enable-missing-resource-library-detection= # If enabled, the runtime will check for the existence of a resource library before checking for the resource itself.
joinfaces.mojarra.enable-restore-view11-compatibility= # Javadoc not found.
joinfaces.mojarra.enable-scripts-in-attribute-values= # If false, attribute values with javascript: or script: will not be rendered within attribute values to prevent potential XSS attacks.
joinfaces.mojarra.enable-threading= # When enabled, the runtime initialization and default ResourceHandler implementation will use threads to perform their functions.
joinfaces.mojarra.enable-transition-time-no-op-flash= # If true, the act of calling getExternalContext().getFlash() on the FacesContext at startup or shutdown time will cause a no-op implementation of the Flash to be returned.
joinfaces.mojarra.enable-view-state-id-rendering= # If true, the view state hidden field will be rendered with both the id and name attributes having the value of "jakarta.faces.ViewState".
joinfaces.mojarra.enabled-js-style-hiding= # If true, inlined JavaScript rendered by the HTML ResponseWriter implementation will be rendered so that the script is hidden from older browser implementations which does not recognize {@code <script/>} elements.
joinfaces.mojarra.enabled-load-bundle11-compatibility= # Javadoc not found.
joinfaces.mojarra.expression-factory= # This parameter specifies a class that implements the ExpressionFactory.
joinfaces.mojarra.facelet-cache= # Javadoc not found.
joinfaces.mojarra.facelet-factory= # The value of this option is a fully qualfified class that extends the com.sun.faces.facelets.FaceletFactory abstract class.
joinfaces.mojarra.facelets-processing-file-extension-process-as= # Javadoc not found.
joinfaces.mojarra.force-always-write-flash-cookie= # If true, then the flash cookie will always be written, regardless of whether or not the flash has data.
joinfaces.mojarra.force-load-configuration= # There is a chance for an NPE in com.sun.faces.application.WebappLifecycleListener with some configurations.
joinfaces.mojarra.generate-unique-server-state-ids= # If true, generate random server view state ids.
joinfaces.mojarra.injection-provider= # This parameter specifies a class that implements the InjectionProvider.
joinfaces.mojarra.managed-bean-factory-decorator= # Javadoc not found.
joinfaces.mojarra.namespace-parameters= # If true, then view state hidden field is namespaced according to NamingContainer rules.
joinfaces.mojarra.number-of-concurrent-flash-users= # Number of concurrent flash users.
joinfaces.mojarra.number-of-flashes-between-flash-reapings= # Number flashes between flash repaings.
joinfaces.mojarra.number-of-logical-views= # Defines the maximum number of serialized views stored in the session.
joinfaces.mojarra.number-of-views-in-session= # Definies the maximum number of serialized logical views per view.
joinfaces.mojarra.prefer-xhtml= # For the case where a browser supports XHTML and HTML without a quality.
joinfaces.mojarra.register-converter-property-editors= # If true, allow EL Coercion to use JSF Custom converters.
joinfaces.mojarra.resource-update-check-period= # When jakarta.faces.PROJECT_STATE is Production, UnitTest, or SystemTest resource paths will be cached to reduce the overhead of resource path compuation.
joinfaces.mojarra.response-buffer-size= # This parameter specifies the size, in bytes, of the buffer that is used to write all generated JSP content excluding state.
joinfaces.mojarra.send-powered-by-header= # The servlet specification defines an optional header that can be sent by a container to communicate the version of the JSP/Servlet the response was generated by.
joinfaces.mojarra.serialization-provider= # This parameter specifies a class that implements the SerializationProvider SPI.
joinfaces.mojarra.serialize-server-state= # If enabled the component state (not the tree) will be serialized before being stored in the session.
joinfaces.mojarra.validate-xml= # When true, enable validation of faces-config.xml files, at the expense of a slightly slower start time.
joinfaces.mojarra.verify-objects= # When true, JSF makes during startup sure all that registered managed beans components, validators, etc can be instantiated by the runtime, at the expense of a slightly slower start time.
joinfaces.mojarra.write-state-at-form-end= # Per the renderkit doc specification, the state information for the view will be written out prior to closing the form tag.

## joinfaces.myfaces
joinfaces.myfaces.algorithm= # Indicate the encryption algorithm used for encrypt the view state.
joinfaces.myfaces.algorithm-iv= # Defines the initialization vector (Base64 encoded) used for the encryption algorithm.
joinfaces.myfaces.algorithm-parameters= # Defines the default mode and padding used for the encryption algorithm.
joinfaces.myfaces.allow-javascript= # This parameter tells MyFaces if javascript code should be allowed in the rendered HTML output.
joinfaces.myfaces.always-force-session-creation= # Defines if a session should be created (if one does not exist) before response rendering.
joinfaces.myfaces.autocomplete-off-view-state= # Add autocomplete="off" to the view state hidden field.
joinfaces.myfaces.automatic-extensionless-mapping= # This parameter enables automatic extensionless mapping for all JSF views.
joinfaces.myfaces.cache-el-expressions= # Indicates if expressions generated by facelets should be cached or not.
joinfaces.myfaces.cache-old-views-in-session-mode= # This parameter has been removed from 2.
joinfaces.myfaces.cdi-managed-converters-enabled= # Enable or disable CDI support for converters.
joinfaces.myfaces.cdi-managed-validators-enabled= # Enable or disable CDI support for validators.
joinfaces.myfaces.check-id-production-mode= # Define how duplicate ids are checked when ProjectStage is Production, by default (auto) it only check ids of components that does not encapsulate markup (like facelets UILeaf).
joinfaces.myfaces.checked-viewid-cache-enabled= # Enable or disable a cache used to 'remember' if a view exists or not and reduce the impact " + "of sucesive calls to ExternalContext.getResource().
joinfaces.myfaces.checked-viewid-cache-size= # Controls the size of the cache used to 'remember' if a view exists or not.
joinfaces.myfaces.clear-input-when-submitted-value-is-null-or-empty= # When CLEAR_INPUT_WHEN_SUBMITTED_VALUE_IS_NULL_OR_EMPTY is enabled, input fields will be cleared when null or empty values are submitted.
joinfaces.myfaces.client-view-state-timeout= # Define the time in minutes where the view state is valid when client side state saving is used.
joinfaces.myfaces.component-unique-ids-cache-size= # Set the size of the cache used to store strings generated using SectionUniqueIdCounter for component ids.
joinfaces.myfaces.compress-state-in-client= # Indicate if the view state should be compressed before encrypted(optional) and encoded.
joinfaces.myfaces.compress-state-in-session= # Indicates that the serialized state will be compressed before it is written to the session.
joinfaces.myfaces.config-refresh-period= # Set the time in seconds that check for updates of web.
joinfaces.myfaces.debug-phase-listener= # Enable/disable DebugPhaseListener feature, with provide useful information about ValueHolder variables (submittedValue, localValue, value).
joinfaces.myfaces.debug-template-resource= # Indicate the template name used to render the default debug page (see ui:debug tag).
joinfaces.myfaces.default-response-writer-content-type-mode= # Define the default content type that the default ResponseWriter generates, when no match can be derived from HTTP Accept Header.
joinfaces.myfaces.default-window-mode= # no description.
joinfaces.myfaces.delegate-faces-servlet= # Define an alternate class name that will be used to initialize MyFaces, instead the default jakarta.
joinfaces.myfaces.early-flush-enabled= # Enable or disable an early flush which allows to send e.g. the HTML-Head to the client " + "while the rest gets rendered.
joinfaces.myfaces.el-resolver-comparator= # The Class of an {@code Comparator<ELResolver/>} implementation.
joinfaces.myfaces.el-resolver-predicate= # The {@link Class} of an {@code Predicate<ELResolver>} implementation.
joinfaces.myfaces.el-resolver-tracing= # Defines if ELResolvers should be traced on each request and logged.
joinfaces.myfaces.enum-converter-allow-string-passtrough= # If value is a String instance and this param is true, pass it directly without try any change.
joinfaces.myfaces.error-handler= # Deprecated: use JSF 2.0 ExceptionHandler.
joinfaces.myfaces.error-handling= # Indicate if myfaces is responsible to handle errors.
joinfaces.myfaces.error-template-resource= # Indicate the template name used to render the default error page used by MyFaces specific error handler implementation.
joinfaces.myfaces.expression-factory= # This parameter specifies the ExpressionFactory implementation to use.
joinfaces.myfaces.faces-flow-client-window-ids-in-session= # Indicate the max number of client window ids stored into session by faces flow.
joinfaces.myfaces.faces-init-plugins= # comma delimited list of plugin classes which can be hooked into myfaces.
joinfaces.myfaces.faces-initializer= # Class name of a custom FacesInitializer implementation.
joinfaces.myfaces.flash-scope-disabled= # Defines whether flash scope is disabled, preventing add the Flash cookie to the response.
joinfaces.myfaces.gae-jsf-annotations-jar-files= # When the application runs inside Google Application Engine container (GAE), indicate which jar files should be scanned for annotations.
joinfaces.myfaces.gae-jsf-jar-files= # When the application runs inside Google Application Engine container (GAE), indicate which jar files should be scanned for files (faces-config, facelets taglib or annotations).
joinfaces.myfaces.initialize-always-standalone= # If this param is set to true, the check for faces servlet mapping is not done.
joinfaces.myfaces.initialize-skip-jar-faces-config-scan= # If the flag is true, the algoritm skip jar scanning for faces-config files to check if the current application requires FacesServlet to be added dynamically (servlet spec 3).
joinfaces.myfaces.jsf-js-mode= # Define the mode used for jsf.
joinfaces.myfaces.jsp-suffix= # JSP Suffix.
joinfaces.myfaces.lazy-load-config-objects= # Indicate if the classes associated to components, converters, validators or behaviors should be loaded as soon as they are added to the current application instance or instead loaded in a lazy way.
joinfaces.myfaces.log-web-context-params= # Indicate if log all web config params should be done before initialize the webapp.
joinfaces.myfaces.mac-algorithm= # Indicate the algorithm used to calculate the Message Authentication Code that is added to the view state.
joinfaces.myfaces.mac-secret= # Define the initialization code that are used to initialize the secret key used on the Message Authentication Code algorithm.
joinfaces.myfaces.mac-secret-cache= # If is set to "false", the secret key used for MAC algorithm is not cached.
joinfaces.myfaces.mark-initial-state-when-apply-build-view= # no description.
joinfaces.myfaces.number-of-flash-tokens-in-session= # Indicate the max number of flash tokens stored into session.
joinfaces.myfaces.number-of-sequential-views-in-session= # Indicates the amount of views (default is not active) that should be stored in session between sequential POST or POST-REDIRECT-GET if org.
joinfaces.myfaces.number-of-views-in-session= # Defines the amount (default = 20) of the latest views are stored in session.
joinfaces.myfaces.pretty-html= # If true, rendered HTML code will be formatted, so that it is "human readable".
joinfaces.myfaces.random-key-in-csrf-session-token= # Defines how to generate the csrf session token.
joinfaces.myfaces.random-key-in-csrf-session-token-length= # Set the default length of the random key used for the csrf session token.
joinfaces.myfaces.random-key-in-csrf-session-token-secure-random-algoritm= # Sets the random algorithm to initialize the secure random id generator.
joinfaces.myfaces.random-key-in-csrf-session-token-secure-random-class= # Sets the random class to initialize the secure random id generator.
joinfaces.myfaces.random-key-in-csrf-session-token-secure-random-provider= # Sets the random provider to initialize the secure random id generator.
joinfaces.myfaces.random-key-in-view-state-session-token= # Adds a random key to the generated view state session token.
joinfaces.myfaces.random-key-in-view-state-session-token-length= # Set the default length of the random key added to the view state session token.
joinfaces.myfaces.random-key-in-view-state-session-token-secure-random-algorithm= # Sets the random algorithm to initialize the secure random id generator.
joinfaces.myfaces.random-key-in-view-state-session-token-secure-random-class= # Sets the random class to initialize the secure random id generator.
joinfaces.myfaces.random-key-in-view-state-session-token-secure-random-provider= # Sets the random provider to initialize the secure random id generator.
joinfaces.myfaces.refresh-transient-build-on-pss= # Indicate if the facelet associated to the view should be reapplied when the view is refreshed.
joinfaces.myfaces.refresh-transient-build-on-pss-preserve-state= # Enable or disable a special mode that enable full state for parent components containing c:if, c:forEach, c:choose and ui:include with src=ELExpression.
joinfaces.myfaces.render-clear-javascript-for-button= # This param renders the clear javascript on button necessary only for compatibility with hidden fields feature of myfaces.
joinfaces.myfaces.render-clientbehavior-scripts-as-string= # Defines if the clientbehavior scripts are passed as string or function to the jsf.
joinfaces.myfaces.render-form-submit-script-inline= # If set true, render the form submit script inline, as in myfaces core 1.
joinfaces.myfaces.render-form-view-state-at-begin= # This param makes h:form component to render the view state and other hidden fields at the beginning of the form.
joinfaces.myfaces.render-hidden-fields-for-link-params= # This param renders hidden fields at the end of h:form for link params when h:commandLink + f:param is used, instead use javascript to create them.
joinfaces.myfaces.render-viewstate-id= # Define if the input field that should store the state.
joinfaces.myfaces.resource-buffer-size= # Define the default buffer size that is used between Resource.
joinfaces.myfaces.resource-bundle-control= # Defines the {@link java.util.ResourceBundle.Control} to use for all {@link java.util.ResourceBundle#getBundle(java.lang.String)} calls.
joinfaces.myfaces.resource-cache-last-modified= # Defines if the last-modified should be cached of the resources when the ProjectStage is Production.
joinfaces.myfaces.resource-handler-cache-enabled= # Enable or disable the cache used to "remember" if a resource handled by the default ResourceHandler exists or not.
joinfaces.myfaces.resource-handler-cache-size= # Controls the size of the cache used to check if a resource exists or not.
joinfaces.myfaces.resource-max-time-expires= # Set the max time in miliseconds set on the "Expires" header for a resource rendered by the default ResourceHandler.
joinfaces.myfaces.save-form-submit-link-ie= # Add a code that save the form before submit using a link.
joinfaces.myfaces.secret= # Defines the secret (Base64 encoded) used to initialize the secret key for encryption algorithm.
joinfaces.myfaces.secret-cache= # If is set to "false", the secret key used for encryption algorithm is not cached.
joinfaces.myfaces.serial-factory= # Defines the factory class name using for serialize/deserialize the view state returned by state manager into a byte array.
joinfaces.myfaces.serialize-state-in-session= # Indicate if the state should be serialized before save it on the session.
joinfaces.myfaces.service-provider-finder= # Class name of a custom ServiceProviderFinder implementation.
joinfaces.myfaces.strict-jsf2-allow-slash-library-name= # Allow slash in the library name of a Resource.
joinfaces.myfaces.strict-jsf2-cc-el-resolver= # Change default getType() behavior for composite component EL resolver, from return null (see JSF 2_0 spec section 5_6_2_2) to use the metadata information added by composite:attribute, ensuring components working with chained EL expressions to find the right type when a getType() is called over the source EL expression.
joinfaces.myfaces.strict-jsf2-facelets-compatibility= # This param makes components like c:set, ui:param and templating components like ui:decorate, ui:composition and ui:include to behave like the ones provided originally in facelets 1_1_x.
joinfaces.myfaces.strict-jsf2-refresh-target-ajax= # Detect if a target (usually head) should be update for the current view in an ajax render operation.
joinfaces.myfaces.strict-jsf2-view-not-found= # If this param is set to true, a check will be done in Restore View Phase to check if the viewId exists or not and if it does not exists, a 404 response will be thrown.
joinfaces.myfaces.strict-xhtml-links= # Use {@code &amp;} entity instead a plain {@code &} character within HTML.
joinfaces.myfaces.support-el3-import-handler= # This parameter specifies whether or not the ImportHandler will be supported.
joinfaces.myfaces.support-jsp-and-faces-el=false # If set false, myfaces won't support JSP and jakarta.faces.el.
joinfaces.myfaces.support-managed-beans=false # If set false, myfaces won't support ManagedBeans anymore.
joinfaces.myfaces.temporal-resourcehandler-cache-enabled= # If this param is set to true (default false), a temporal directory is created and all files handled by this ResourceLoader are cached there, avoiding the problem described on MYFACES-3586.
joinfaces.myfaces.use-encryption= # Indicate if the view state is encrypted or not.
joinfaces.myfaces.use-flash-scope-purge-views-in-session= # Allow use flash scope to keep track of the views used in session and the previous ones, so server side state saving can delete old views even if POST-REDIRECT-GET pattern is used.
joinfaces.myfaces.use-lambda-metafactory= # Defines if Lambda expressions (via LambdaMetafactory) are used for getter/setter instead of Reflection.
joinfaces.myfaces.use-multiple-js-files-for-jsf-uncompressed-js= # If this param is true and the project stage is development mode, the source javascript files will be loaded separately instead have all in just one file, to preserve line numbers and make javascript debugging of the default jsf javascript file more simple.
joinfaces.myfaces.validate= # Validate if the managed beans and navigations rules are correct.
joinfaces.myfaces.validate-xml= # If set to true, tag library XML files and faces config XML files using schema will be validated during application start up.
joinfaces.myfaces.view-pool-deferred-navigation= # Defines if the view pool uses deferred navigation to recycle views when navigation is performed.
joinfaces.myfaces.view-pool-entry-mode= # Defines the type of memory reference that is used to hold the view into memory.
joinfaces.myfaces.view-pool-max-dynamic-partial-limit= # Defines the limit of the views that cannot be reused partially.
joinfaces.myfaces.view-pool-max-pool-size= # Defines the number of views to be hold per each view metadata definition.
joinfaces.myfaces.view-unique-ids-cache-enabled= # Enable or disable a cache used to 'remember' the generated facelets unique ids " + "and reduce the impact over memory usage.
joinfaces.myfaces.viewid-derive-cache-enabled= # Enable or disable the cache used to 'remember' the derived viewId from the rawViewId.
joinfaces.myfaces.viewid-protected-cache-enabled= # Enable or disable the cache used to 'remember' if a view is protected or not.
joinfaces.myfaces.viewstate-javascript= # Set the view state using a javascript function instead a hidden input field.
joinfaces.myfaces.wrap-script-content-with-xml-comment-tag= # Wrap content inside script with xml comment to prevent old browsers to display it.
joinfaces.myfaces.wrap-tag-exceptions-as-context-aware= # Wrap exception caused by calls to EL expressions, so information like the location, expression string and tag name can be retrieved by the ExceptionHandler implementation and used to output meaningful information about itself.

## joinfaces.myfaces.annotation
joinfaces.myfaces.annotation.scan-packages= # Servlet context init parameter which defines which packages to scan for beans, separated by commas.
joinfaces.myfaces.annotation.use-cdi-for-annotation-scanning= # Defines if CDI should be used for annotation scanning to improve the startup performance.

## joinfaces.myfaces.spi
joinfaces.myfaces.spi.injection-provider= # no description.

## joinfaces.myfaces.validator
joinfaces.myfaces.validator.bean-before-jsf-validation= # Enforce f:validateBean to be called first before any JSF validator.

## joinfaces.omnifaces
joinfaces.omnifaces.cache-install-buffer-filter= # Boolean that when true installs a Servlet Filter (Servlet 3.0+ only) that works in conjunction with the useBuffer attribute of the Cache component to enable an alternative way to grab the content that needs to be cached.
joinfaces.omnifaces.cache-provider= # org.omnifaces.CACHE_PROVIDER.
joinfaces.omnifaces.cache-setting-application-max-capacity= # Sets the maximum number of elements that will be stored per web module (application scope).
joinfaces.omnifaces.cache-setting-application-ttl= # Sets the maximum amount of time in seconds that cached content is valid for the application scope.
joinfaces.omnifaces.cache-setting-session-max-capacity= # Sets the maximum number of elements that will be stored per session.
joinfaces.omnifaces.cache-setting-session-ttl= # Sets the maximum amount of time in seconds that cached content is valid for the session scope.
joinfaces.omnifaces.cdn-resource-handler-disabled= # org.omnifaces.CDN_RESOURCE_HANDLER_DISABLED.
joinfaces.omnifaces.cdn-resource-handler-urls= # org.omnifaces.CDN_RESOURCE_HANDLER_URLS.
joinfaces.omnifaces.combined-resource-handler-cache-ttl= # Set with a value greater than 0 to activate server-side caching of the combined resource files.
joinfaces.omnifaces.combined-resource-handler-disabled= # org.omnifaces.COMBINED_RESOURCE_HANDLER_DISABLED.
joinfaces.omnifaces.combined-resource-handler-excluded-resources= # List of resource identifiers of {@code <h:head>} resources which needs to be excluded from combining.
joinfaces.omnifaces.combined-resource-handler-inline-css= # Set to {@code true} if you want to render the combined CSS resources inline (embedded in HTML) instead of as a resource.
joinfaces.omnifaces.combined-resource-handler-inline-js= # Set to {@code true} if you want to render the combined JS resources inline (embedded in HTML) instead of as a resource.
joinfaces.omnifaces.combined-resource-handler-suppressed-resources= # List of resource identifiers of {@code <h:head>} resources which needs to be suppressed and removed.
joinfaces.omnifaces.defaultcache= # org.omnifaces.defaultcache.
joinfaces.omnifaces.exception-types-to-unwrap= # org.omnifaces.EXCEPTION_TYPES_TO_UNWRAP.
joinfaces.omnifaces.faces-views-dispatch-method= # org.omnifaces.FACES_VIEWS_DISPATCH_METHOD.
joinfaces.omnifaces.faces-views-enabled= # org.omnifaces.FACES_VIEWS_ENABLED.
joinfaces.omnifaces.faces-views-extension-action= # org.omnifaces.FACES_VIEWS_EXTENSION_ACTION.
joinfaces.omnifaces.faces-views-filter-after-declared-filters= # org.omnifaces.FACES_VIEWS_FILTER_AFTER_DECLARED_FILTERS.
joinfaces.omnifaces.faces-views-path-action= # org.omnifaces.FACES_VIEWS_PATH_ACTION.
joinfaces.omnifaces.faces-views-scan-paths= # List of paths that are to be scanned by faces views.
joinfaces.omnifaces.faces-views-scanned-views-always-extensionless= # org.omnifaces.FACES_VIEWS_SCANNED_VIEWS_ALWAYS_EXTENSIONLESS.
joinfaces.omnifaces.faces-views-view-handler-mode= # org.omnifaces.FACES_VIEWS_VIEW_HANDLER_MODE.
joinfaces.omnifaces.html5-render-kit-passthrough-attributes= # org.omnifaces.HTML5_RENDER_KIT_PASSTHROUGH_ATTRIBUTES.

## joinfaces.primefaces
joinfaces.primefaces.cache-provider= # A cache store is required to use the cache component, two different providers are supported as cache implementation; EHCache and Hazelcast.
joinfaces.primefaces.client-side-validation= # Controls client side validatation.
joinfaces.primefaces.dir= # Defines orientation, ltr or rtl.
joinfaces.primefaces.font-awesome= # Enabled font-awesome icons.
joinfaces.primefaces.legacy-widget-namespace= # Enables window scope so that widgets can be accessed using widgetVar.method() in addition to default PF namespace approach like PF('widgetVar').method().
joinfaces.primefaces.private-captcha-key= # Private reCaptcha key.
joinfaces.primefaces.public-captcha-key= # Public reCaptcha key.
joinfaces.primefaces.push-server-url= # Custom server url for PrimeFaces Push.
joinfaces.primefaces.reset-values= # When enabled, ajax updated inputs are reset first.
joinfaces.primefaces.secret=primefaces # Secret key to encrypt-decrypt value expressions exposed in rendering StreamedContents.
joinfaces.primefaces.submit= # Defines ajax submit mode, full or partial.
joinfaces.primefaces.theme= # Theme of the application.
joinfaces.primefaces.transform-metadata= # Transforms bean validation metadata to html attributes.
joinfaces.primefaces.uploader= # Defines uploader mode; auto, native or commons.

## joinfaces.primefaces.file-upload-filter
joinfaces.primefaces.file-upload-filter.name=PrimeFaces FileUpload Filter # Name for the Primefaces FileUpload Filter.
joinfaces.primefaces.file-upload-filter.order= # Order for the PrimeFaces FileUpload Filter.
joinfaces.primefaces.file-upload-filter.threshold-size= # Maximum file size in bytes to keep uploaded files in memory.
joinfaces.primefaces.file-upload-filter.upload-directory= # Disk repository path to keep temporary files that exceeds the threshold size.

## joinfaces.primefaces.mobile
joinfaces.primefaces.mobile.theme= # Theme of the mobile application.

## joinfaces.rewrite
joinfaces.rewrite.base-packages=none # Retrieve the optional package filter configuration parameter.
joinfaces.rewrite.config-reloading= # Reload configuration.
joinfaces.rewrite.scan-classes-directory= # Does the user not want to scan the WEB-INF/classes directory.
joinfaces.rewrite.scan-lib-directory= # Does the user want to scan the WEB-INF/lib directory.

## joinfaces.rewrite.annotation-config-provider

## joinfaces.rewrite.filter
joinfaces.rewrite.filter.dispatcher-types=forward,include,request,async,error # Dispatcher types for the RewriteFilter as defined in the Servlet Specification.
joinfaces.rewrite.filter.enabled=true # If the RewriteFilter should be actively handled by JoinFaces.
joinfaces.rewrite.filter.order= # The order of the RewriteFilter.
joinfaces.rewrite.filter.url-patterns=/* # URL patterns for the RewriteFilter as defined in the Servlet Specification.

## joinfaces.scope-configurer

## joinfaces.scope-configurer.cdi
joinfaces.scope-configurer.cdi.order= # Order of the BeanFactoryPostProcessor.

## joinfaces.scope-configurer.faces
joinfaces.scope-configurer.faces.order= # Order of the BeanFactoryPostProcessor.

## joinfaces.scope-configurer.jsf
joinfaces.scope-configurer.jsf.order= # Order of the BeanFactoryPostProcessor.

## joinfaces.undertow
joinfaces.undertow.class-path-resource=META-INF/resources # Classpath to find jsf resources Default to META-INF/resources.

## joinfaces.view-scope
joinfaces.view-scope.enabled=true # Enables the registration of JoinFaces view scope implementation.

Appendix B: Dependency versions

The versions already handled by the dependency management of Spring Boot aren’t listed here again. The can be found in the corresponding chapter of the Spring Boot Reference Guide.
Group ID Artifact ID Version