Well, there is an option. If you are using MyFaces implementation of JSF 1.2 (I use MyFaces1.2.3), your previous decorator Servlet should extend from org.apache.myfaces.webapp.MyFacesServlet. Well, I admit that inheritance is evil. If I find a better way to still work with decorator pattern, I will certainly post the updates here.

Client-side State Saving:

If your JSF web application employs Client-side state saving, you are more than likely to get a "javax.crypto.BadPaddingException: Given final block not properly padded"

Encryption of client-side state saving is supposed to be OFF unless you explicitly enable it, but is in fact ON unless you DISABLE it!

The problem is that if you don't specify a secret (because you think you're not using encryption), MyFaces will generate one and place it in application context; but this will change when you redeploy, and the secret used in pages in users' browsers from before the redeploy will then fail.

To get rid of the error, add the following <context-param> to your web.xml file:

<context-param>

<param-name>org.apache.myfaces.USE_ENCRYPTION</param-name>

<param-value>false</param-value>

</context-param>

See http://www.mail-archive.com/users@myfaces.apache.org/msg45187.html for further details

Of course, don't forget to modify your web.xml to web-app_2_5.xsd