You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by Adam Hardy <ah...@cyberspaceroad.com> on 2003/08/06 11:27:38 UTC
transaction tokens
Did the creator of transaction token functionality on the struts Action
class have any plan or suggestions about what to do about tokens
becoming mixed and invalid in the situation when the user has more than
one browser window open?
i.e. the user decides to create a new item.
- Opens create-page (gets first transaction token in session)
- decides to copy details from another item
- opens edit page for another item in a second browser window
(overwrites first token with second)
- hits "create" and receives transaction token error
Or is there an alternative for this situation?
Or even a non-technical error message to calm the user and explain why
they caused an error? ;)
Thanks
Adam
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org
Re: transaction tokens
Posted by Adam Hardy <ah...@cyberspaceroad.com>.
Makes alot of sense.
Andrew Hill wrote:
> In my case having multiple windows open for different records using the same
> mapping and with session scoped action forms was a requirement.
>
> What I do is to have an object called the OperationContext that is stored in
> the session. Conceptually its like a mini-session. This object has
> getAttribute() and setAttribute() methods and a few other goodies. Each
> opCon has a unique id - which has to be included included as part of a url
> for a request associated with that operation.
>
> I store my action forms in the opCon rather than directly in the session
> (and have overridden RequestProcessor so it is smart enough to look there).
>
> This stops my forms colliding when I have multiple windows. It also lets me
> do some other neat things - for example by allowing the opCons to be
> 'stacked' I can preserve the state of a users interaction with a form while
> they go off to edit a related record, and then bring them back to that form
> afterwards in the same state they left it.
>
> Im not using tokens, but if I was (and I very likely will be - when I get
> around to it) Id override the struts handling to support opCons for them so
> instead of one token per session, it would be one per opCon.
>
> -----Original Message-----
> From: Adam Hardy [mailto:ahardy.struts@cyberspaceroad.com]
> Sent: Wednesday, 6 August 2003 18:41
> To: Struts Users Mailing List
> Subject: Re: transaction tokens
>
>
> I was thinking there might be a way of controlling transactions by
> saving all tokens in the session once they are used, and then if it
> crops up again, not allowing the execution.
>
> Would be simple to implement with a hashmap I think.
>
> What's the likelihood of 2 transaction tokens being identical, over the
> course of a user session?
>
> (Theoretically you could apply the same principle to action forms,saving
> them against a transaction token and then sorting it out in a base class
> during form.reset() (exceptionally seat-of-pants thinking))
>
> Andrew Hill wrote:
>
>>oops, yep. Should have specified that. Only for a session mapped
>
> actionform
>
>>will there be a problem. The request ones are of course not affected by
>
> the
>
>>problem.
>>
>>-----Original Message-----
>>From: Adam Hardy [mailto:ahardy.struts@cyberspaceroad.com]
>>Sent: Wednesday, 6 August 2003 17:56
>>To: Struts Users Mailing List
>>Subject: Re: transaction tokens
>>
>>
>>Andrew Hill wrote:
>>
>>
>>>I dont believe so. :-(
>>>
>>><btw>
>>>Likewise for multiple actionforms (for the same mapping) when you have >1
>>>windows open (such as you might want for editing several records selected
>>
>>>from a list in the main window...)
>>
>>></btw>
>>
>>
>>what's the problem with that? You mean you have the action form in the
>>session?
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
>>For additional commands, e-mail: struts-user-help@jakarta.apache.org
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
>>For additional commands, e-mail: struts-user-help@jakarta.apache.org
>>
>>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: struts-user-help@jakarta.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: struts-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org
RE: transaction tokens
Posted by Andrew Hill <an...@gridnode.com>.
In my case having multiple windows open for different records using the same
mapping and with session scoped action forms was a requirement.
What I do is to have an object called the OperationContext that is stored in
the session. Conceptually its like a mini-session. This object has
getAttribute() and setAttribute() methods and a few other goodies. Each
opCon has a unique id - which has to be included included as part of a url
for a request associated with that operation.
I store my action forms in the opCon rather than directly in the session
(and have overridden RequestProcessor so it is smart enough to look there).
This stops my forms colliding when I have multiple windows. It also lets me
do some other neat things - for example by allowing the opCons to be
'stacked' I can preserve the state of a users interaction with a form while
they go off to edit a related record, and then bring them back to that form
afterwards in the same state they left it.
Im not using tokens, but if I was (and I very likely will be - when I get
around to it) Id override the struts handling to support opCons for them so
instead of one token per session, it would be one per opCon.
-----Original Message-----
From: Adam Hardy [mailto:ahardy.struts@cyberspaceroad.com]
Sent: Wednesday, 6 August 2003 18:41
To: Struts Users Mailing List
Subject: Re: transaction tokens
I was thinking there might be a way of controlling transactions by
saving all tokens in the session once they are used, and then if it
crops up again, not allowing the execution.
Would be simple to implement with a hashmap I think.
What's the likelihood of 2 transaction tokens being identical, over the
course of a user session?
(Theoretically you could apply the same principle to action forms,saving
them against a transaction token and then sorting it out in a base class
during form.reset() (exceptionally seat-of-pants thinking))
Andrew Hill wrote:
> oops, yep. Should have specified that. Only for a session mapped
actionform
> will there be a problem. The request ones are of course not affected by
the
> problem.
>
> -----Original Message-----
> From: Adam Hardy [mailto:ahardy.struts@cyberspaceroad.com]
> Sent: Wednesday, 6 August 2003 17:56
> To: Struts Users Mailing List
> Subject: Re: transaction tokens
>
>
> Andrew Hill wrote:
>
>>I dont believe so. :-(
>>
>><btw>
>>Likewise for multiple actionforms (for the same mapping) when you have >1
>>windows open (such as you might want for editing several records selected
>>from a list in the main window...)
>></btw>
>
>
> what's the problem with that? You mean you have the action form in the
> session?
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: struts-user-help@jakarta.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: struts-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org
Re: transaction tokens
Posted by Adam Hardy <ah...@cyberspaceroad.com>.
I was thinking there might be a way of controlling transactions by
saving all tokens in the session once they are used, and then if it
crops up again, not allowing the execution.
Would be simple to implement with a hashmap I think.
What's the likelihood of 2 transaction tokens being identical, over the
course of a user session?
(Theoretically you could apply the same principle to action forms,saving
them against a transaction token and then sorting it out in a base class
during form.reset() (exceptionally seat-of-pants thinking))
Andrew Hill wrote:
> oops, yep. Should have specified that. Only for a session mapped actionform
> will there be a problem. The request ones are of course not affected by the
> problem.
>
> -----Original Message-----
> From: Adam Hardy [mailto:ahardy.struts@cyberspaceroad.com]
> Sent: Wednesday, 6 August 2003 17:56
> To: Struts Users Mailing List
> Subject: Re: transaction tokens
>
>
> Andrew Hill wrote:
>
>>I dont believe so. :-(
>>
>><btw>
>>Likewise for multiple actionforms (for the same mapping) when you have >1
>>windows open (such as you might want for editing several records selected
>>from a list in the main window...)
>></btw>
>
>
> what's the problem with that? You mean you have the action form in the
> session?
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: struts-user-help@jakarta.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: struts-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org
RE: transaction tokens
Posted by Andrew Hill <an...@gridnode.com>.
oops, yep. Should have specified that. Only for a session mapped actionform
will there be a problem. The request ones are of course not affected by the
problem.
-----Original Message-----
From: Adam Hardy [mailto:ahardy.struts@cyberspaceroad.com]
Sent: Wednesday, 6 August 2003 17:56
To: Struts Users Mailing List
Subject: Re: transaction tokens
Andrew Hill wrote:
> I dont believe so. :-(
>
> <btw>
> Likewise for multiple actionforms (for the same mapping) when you have >1
> windows open (such as you might want for editing several records selected
> from a list in the main window...)
> </btw>
what's the problem with that? You mean you have the action form in the
session?
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org
Re: transaction tokens
Posted by Adam Hardy <ah...@cyberspaceroad.com>.
Andrew Hill wrote:
> I dont believe so. :-(
>
> <btw>
> Likewise for multiple actionforms (for the same mapping) when you have >1
> windows open (such as you might want for editing several records selected
> from a list in the main window...)
> </btw>
what's the problem with that? You mean you have the action form in the
session?
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org
RE: transaction tokens
Posted by Andrew Hill <an...@gridnode.com>.
I dont believe so. :-(
<btw>
Likewise for multiple actionforms (for the same mapping) when you have >1
windows open (such as you might want for editing several records selected
from a list in the main window...)
</btw>
-----Original Message-----
From: Adam Hardy [mailto:ahardy.struts@cyberspaceroad.com]
Sent: Wednesday, 6 August 2003 17:28
To: Struts Users Mailing List
Subject: transaction tokens
Did the creator of transaction token functionality on the struts Action
class have any plan or suggestions about what to do about tokens
becoming mixed and invalid in the situation when the user has more than
one browser window open?
i.e. the user decides to create a new item.
- Opens create-page (gets first transaction token in session)
- decides to copy details from another item
- opens edit page for another item in a second browser window
(overwrites first token with second)
- hits "create" and receives transaction token error
Or is there an alternative for this situation?
Or even a non-technical error message to calm the user and explain why
they caused an error? ;)
Thanks
Adam
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: struts-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: struts-user-help@jakarta.apache.org