From: Wouter Z. (JIRA) <ji...@an...> - 2005-06-29 15:12:49
|
[ http://jira.andromda.org/browse/BPM-212?page=history ] Work on BPM-212 started by Wouter Zoons > Add struts token-like functionality > ----------------------------------- > > Key: BPM-212 > URL: http://jira.andromda.org/browse/BPM-212 > Project: Bpm4Struts Cartridge > Type: Improvement > Versions: 3.1M1 > Reporter: Lee Greiner > Assignee: Wouter Zoons > Priority: Minor > > Struts has a token feature that puts a single-use token on a form to prevent duplicate submits. Redirecting after post prevents duplicate submissions using the "back" button but will not prevent a duplicate post if a user submits more than once in rapid succession. > Typically when a Struts action is going to forward to a page that will post information the action will call Action.saveToken(HttpServletRequest). Struts will then automatically add the token to the form when the <html:form> tag is rendered. > When the post occurs the action should perform an Action.isValidToken(HttpServletRequest, true) to verify and invalidate the token. Any succeeding posts with the token will be cause isValidToken() to return false. > I typically call Action.resetToken(HttpServletRequest) in any action that forwards to pages that will not alter state (session, db, ...). -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.andromda.org/secure/Administrators.jspa - If you want more information on JIRA, or have a bug to report see: http://www.atlassian.com/software/jira |