[Andromda-devel] AndroMDA/JIRA Created: (BPM-212) Add struts token-like functionality

[Lee G. (JIRA) <ji...@an...>]

Add struts token-like functionality
-----------------------------------

         Key: BPM-212
         URL: http://jira.andromda.org/browse/BPM-212
     Project: Bpm4Struts Cartridge
        Type: Improvement
    Versions: 3.1M1    
    Reporter: Lee Greiner
 Assigned to: Wouter Zoons 
    Priority: Minor


Struts has a token feature that puts a single-use token on a form to prevent duplicate submits. Redirecting after post prevents duplicate submissions using the "back" button but will not prevent a duplicate post if a user submits more than once in rapid succession.

Typically when a Struts action is going to forward to a page that will post information the action will call Action.saveToken(HttpServletRequest). Struts will then automatically add the token to the form when the <html:form> tag is rendered.

When the post occurs the action should perform an Action.isValidToken(HttpServletRequest, true) to verify and invalidate the token. Any succeeding posts with the token will be cause isValidToken() to return false.

I typically call Action.resetToken(HttpServletRequest) in any action that forwards to pages that will not alter state (session, db, ...).

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://jira.andromda.org/secure/Administrators.jspa
-
If you want more information on JIRA, or have a bug to report see:
   http://www.atlassian.com/software/jira