You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by David Gagnon <ga...@yahoo.com> on 2003/06/17 20:43:35 UTC
Token in struts and session bean.... problem with the framework ?
Hi all,
If you have a session bean and you are using the
token framework to protect yourself again multiple
submit...
Let say a request with a bad token is post to the
server. The bean will be populated right ... even
if
the token is not valid. Is struts offers support to
check if a request contains a valid token prior to
populate the bean. For what I know you the sooner
you
can play with token in struts is in the reset method
of the bean (It may not be the best place to play
with
token anyway...).
Is a request with a bad or no token should be
redirect
by the framework to a handler. Like it's done with
the Exception in Struts? I think there should have
a
way to avoid changing the server state on bad
request
...
My guest is that you already know about all that :-)
... or that there is something to prevent this that
I'm not aware of.
Thanks for your help
/Dave
__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org