You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by umamaheswara rao <um...@yahoo.com> on 2004/10/14 20:30:28 UTC
synchronizer token - double submit problem
Hi ,
Your help is apprciated.....
How do I set a token it to JSP ? do I need to have
to set
the token to the form bean(form.setToken("value from
session with saveToken method")) in the action class
which calls saveToken(request) method ?
I understand the following process...but I got stuck
here with isTokenValid(request) method ...if at all I
need to set the token in hidden field what name should
I use...
saveToken(request)
on the return trip,
isTokenValid(request)
resetToken(request)
Thanks
Uma
_______________________________
Do you Yahoo!?
Declare Yourself - Register online to vote today!
http://vote.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: synchronizer token - double submit problem
Posted by Jeff Beal <jb...@webmedx.com>.
The <html:form/> tag inserts the token as a hidden field.
umamaheswara rao wrote:
> Hi ,
>
> Your help is apprciated.....
>
> How do I set a token it to JSP ? do I need to have
> to set
> the token to the form bean(form.setToken("value from
> session with saveToken method")) in the action class
> which calls saveToken(request) method ?
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: synchronizer token - double submit problem
Posted by umamaheswara rao <um...@yahoo.com>.
Hi,
Good to get Response from you Mr. Craig McClanahan.
Please find the following problem I've ...
I've followed the article mentioned in javaworld
(http://www.javaworld.com/javatips/jw-javatip136_p.html),
Since I have BaseActionClass which extends Action
class
following are the Action classes before modifing for
Synchronizer Token.
ShoppingAction extends BaseAction..
ProcessOrderAction extends ShoppingAction
CheckOutAction extends ShoppingAction
After modifying I've modified as per the article...
SynchroAction extends ShoppingAction
ProcessOrderAction(calling saveToken(request)) extends
SynchroAction
CheckOutAction(calling isValidToken(request)) extends
SychroAction
so that, even if the user double clicks to process the
order I should be handling the situation to not to
process two orders for a customer..
But, following are the values from the logs I
observed...
Process Order Action :: Session Token is
::8121dcb84a3734bb5a4ee
CheckOutAction
Request : null
Session token: 3df5a196f87876ae863089039968f
Current token: null
So where did my Request token go ? any wrong in
implementation...I appreciate your valuable time ...
Best Regards,
Uma.
--- Craig McClanahan <cr...@gmail.com> wrote:
> Once you've called saveToken(), the <html:form> tag
> will automatically
> create a hidden field with a name that is known to
> the isTokenValid()
> and resetToken() methods -- you do not have to do
> anything at all in
> the JSP page for this to work.
>
> Craig
>
>
> On Thu, 14 Oct 2004 11:30:28 -0700 (PDT),
> umamaheswara rao
> <um...@yahoo.com> wrote:
> > Hi ,
> >
> > Your help is apprciated.....
> >
> > How do I set a token it to JSP ? do I need to
> have
> > to set
> > the token to the form bean(form.setToken("value
> from
> > session with saveToken method")) in the action
> class
> > which calls saveToken(request) method ?
> >
> > I understand the following process...but I got
> stuck
> > here with isTokenValid(request) method ...if at
> all I
> > need to set the token in hidden field what name
> should
> > I use...
> >
> > saveToken(request)
> > on the return trip,
> > isTokenValid(request)
> > resetToken(request)
> >
> > Thanks
> > Uma
> >
> > _______________________________
> > Do you Yahoo!?
> > Declare Yourself - Register online to vote today!
> > http://vote.yahoo.com
> >
> >
>
---------------------------------------------------------------------
> > To unsubscribe, e-mail:
> user-unsubscribe@struts.apache.org
> > For additional commands, e-mail:
> user-help@struts.apache.org
> >
> >
>
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> user-unsubscribe@struts.apache.org
> For additional commands, e-mail:
> user-help@struts.apache.org
>
>
_______________________________
Do you Yahoo!?
Declare Yourself - Register online to vote today!
http://vote.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: synchronizer token - double submit problem
Posted by umamaheswara rao <um...@yahoo.com>.
Hi,
Does the Struts 1.0 (synchronizer token)supports
the following mechanism ?
saveToken(request) ..?
isTokenValid(request) ..?
setting the hidden field in the form(Token value
from session) automatically...?
Thanks
Uma Kagitha.
--- Craig McClanahan <cr...@gmail.com> wrote:
> Once you've called saveToken(), the <html:form> tag
> will automatically
> create a hidden field with a name that is known to
> the isTokenValid()
> and resetToken() methods -- you do not have to do
> anything at all in
> the JSP page for this to work.
>
> Craig
>
>
> On Thu, 14 Oct 2004 11:30:28 -0700 (PDT),
> umamaheswara rao
> <um...@yahoo.com> wrote:
> > Hi ,
> >
> > Your help is apprciated.....
> >
> > How do I set a token it to JSP ? do I need to
> have
> > to set
> > the token to the form bean(form.setToken("value
> from
> > session with saveToken method")) in the action
> class
> > which calls saveToken(request) method ?
> >
> > I understand the following process...but I got
> stuck
> > here with isTokenValid(request) method ...if at
> all I
> > need to set the token in hidden field what name
> should
> > I use...
> >
> > saveToken(request)
> > on the return trip,
> > isTokenValid(request)
> > resetToken(request)
> >
> > Thanks
> > Uma
> >
> > _______________________________
> > Do you Yahoo!?
> > Declare Yourself - Register online to vote today!
> > http://vote.yahoo.com
> >
> >
>
---------------------------------------------------------------------
> > To unsubscribe, e-mail:
> user-unsubscribe@struts.apache.org
> > For additional commands, e-mail:
> user-help@struts.apache.org
> >
> >
>
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> user-unsubscribe@struts.apache.org
> For additional commands, e-mail:
> user-help@struts.apache.org
>
>
_______________________________
Do you Yahoo!?
Declare Yourself - Register online to vote today!
http://vote.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: synchronizer token - double submit problem
Posted by Craig McClanahan <cr...@gmail.com>.
Once you've called saveToken(), the <html:form> tag will automatically
create a hidden field with a name that is known to the isTokenValid()
and resetToken() methods -- you do not have to do anything at all in
the JSP page for this to work.
Craig
On Thu, 14 Oct 2004 11:30:28 -0700 (PDT), umamaheswara rao
<um...@yahoo.com> wrote:
> Hi ,
>
> Your help is apprciated.....
>
> How do I set a token it to JSP ? do I need to have
> to set
> the token to the form bean(form.setToken("value from
> session with saveToken method")) in the action class
> which calls saveToken(request) method ?
>
> I understand the following process...but I got stuck
> here with isTokenValid(request) method ...if at all I
> need to set the token in hidden field what name should
> I use...
>
> saveToken(request)
> on the return trip,
> isTokenValid(request)
> resetToken(request)
>
> Thanks
> Uma
>
> _______________________________
> Do you Yahoo!?
> Declare Yourself - Register online to vote today!
> http://vote.yahoo.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org