RE: [Q] TRANSACTION_TOKEN_KEY - Multiple Page Forms
Thanks, that makes sense. I'm using that design pattern now. Do you have any prefered design patterns for multiple page forms. For example, if your Registration example was spanned over 3 different JSPs, where would you put the logic that knows what page to validate, and what page to forward to? Would you use hidden tags? Would you use different action paths? (ie saveRegistration.do would be saveRegistration1.do, saveRegistration2.do, etc) Just wondering the best way... Thanks. > -Original Message- > From: Dan Malks [mailto:[EMAIL PROTECTED]] > Sent: Saturday, February 10, 2001 3:46 PM > To: [EMAIL PROTECTED] > Subject: Re: [Q] TRANSACTION_TOKEN_KEY > > > > > "Craig R. McClanahan" wrote: > > > Dan Malks wrote: > > > > > Craig, > > > > > > "Craig R. McClanahan" wrote: > > > > > > > Neal Kaiser wrote: > > > > > > > > > How does this work when they are registering for the > first time, not > > > > > editing. I can > > > > > see that in EditRegistrationAction the token is > set... but if they are > > > > > registering > > > > > for the first time where is the token set? It seems > that it would fail when > > > > > it hits > > > > > the token check in SaveRegistrationAction, but I know > it doesn't, so it must > > > > > be set > > > > > somewhere, right? > > > > > > > > > > > > > You will note that the "Register with the MailReader > Demonstration Application" > > > > link (on index.jsp) goes through "EditRegistration.do" > as well, so that the > > > > token gets saved even in this case. The > "?action=Create" request parameter is > > > > used to distinguish this from the editing case ("?action=Edit"). > > > > > > Would 'ModifyRegistration.do' or 'ProcessRegistration.do' > be more clear, then? > > > > > > > Or even something more generic like "StartRegistration.do"? > Can you tell that I wrote > > the "edit" use case first? :-) > > > > I had a Comp Sci prof that said the most critical design > decision you will ever make > > is naming things. > > And often, surprisingly, one of the harder ones. > > > > And, even when you get the initial name correct, it is important to > > review your names after the program has evolved a bit. > > Amen ;-) > > Thanks, > -dm > > > > Sounds like it is time to do > > that exercise on the example app. > > > > > > > > -dm > > > > > > > Craig > > -- > Dan Malks Sun Java Center > Enterprise Java Architect703.208.5794 > >
Re: [Q] TRANSACTION_TOKEN_KEY
"Craig R. McClanahan" wrote: > Dan Malks wrote: > > > Craig, > > > > "Craig R. McClanahan" wrote: > > > > > Neal Kaiser wrote: > > > > > > > How does this work when they are registering for the first time, not > > > > editing. I can > > > > see that in EditRegistrationAction the token is set... but if they are > > > > registering > > > > for the first time where is the token set? It seems that it would fail when > > > > it hits > > > > the token check in SaveRegistrationAction, but I know it doesn't, so it must > > > > be set > > > > somewhere, right? > > > > > > > > > > You will note that the "Register with the MailReader Demonstration Application" > > > link (on index.jsp) goes through "EditRegistration.do" as well, so that the > > > token gets saved even in this case. The "?action=Create" request parameter is > > > used to distinguish this from the editing case ("?action=Edit"). > > > > Would 'ModifyRegistration.do' or 'ProcessRegistration.do' be more clear, then? > > > > Or even something more generic like "StartRegistration.do"? Can you tell that I >wrote > the "edit" use case first? :-) > > I had a Comp Sci prof that said the most critical design decision you will ever make > is naming things. And often, surprisingly, one of the harder ones. > And, even when you get the initial name correct, it is important to > review your names after the program has evolved a bit. Amen ;-) Thanks, -dm > Sounds like it is time to do > that exercise on the example app. > > > > > -dm > > > > Craig -- Dan Malks Sun Java Center Enterprise Java Architect703.208.5794
Re: [Q] TRANSACTION_TOKEN_KEY
Dan Malks wrote: > Craig, > > "Craig R. McClanahan" wrote: > > > Neal Kaiser wrote: > > > > > How does this work when they are registering for the first time, not > > > editing. I can > > > see that in EditRegistrationAction the token is set... but if they are > > > registering > > > for the first time where is the token set? It seems that it would fail when > > > it hits > > > the token check in SaveRegistrationAction, but I know it doesn't, so it must > > > be set > > > somewhere, right? > > > > > > > You will note that the "Register with the MailReader Demonstration Application" > > link (on index.jsp) goes through "EditRegistration.do" as well, so that the > > token gets saved even in this case. The "?action=Create" request parameter is > > used to distinguish this from the editing case ("?action=Edit"). > > Would 'ModifyRegistration.do' or 'ProcessRegistration.do' be more clear, then? > Or even something more generic like "StartRegistration.do"? Can you tell that I wrote the "edit" use case first? :-) I had a Comp Sci prof that said the most critical design decision you will ever make is naming things. And, even when you get the initial name correct, it is important to review your names after the program has evolved a bit. Sounds like it is time to do that exercise on the example app. > > -dm > Craig
Re: [Q] TRANSACTION_TOKEN_KEY
Craig, "Craig R. McClanahan" wrote: > Neal Kaiser wrote: > > > How does this work when they are registering for the first time, not > > editing. I can > > see that in EditRegistrationAction the token is set... but if they are > > registering > > for the first time where is the token set? It seems that it would fail when > > it hits > > the token check in SaveRegistrationAction, but I know it doesn't, so it must > > be set > > somewhere, right? > > > > You will note that the "Register with the MailReader Demonstration Application" > link (on index.jsp) goes through "EditRegistration.do" as well, so that the > token gets saved even in this case. The "?action=Create" request parameter is > used to distinguish this from the editing case ("?action=Edit"). Would 'ModifyRegistration.do' or 'ProcessRegistration.do' be more clear, then? -dm > > > This is a design pattern that I like a lot -- use the same Action to initialize > the input form when you are creating a new record or when editing an existing > one, and use a request parameter to define which type of transaction is > occurring. You will also find that the "action" request parameter gets included > as a property of the form bean, and is passed in (as a hidden variable) on the > input form so that SaveRegistrationAction knows what to do as well. > > Craig -- Dan Malks Sun Java Center Enterprise Java Architect703.208.5794
Re: [Q] TRANSACTION_TOKEN_KEY
Neal Kaiser wrote: > How does this work when they are registering for the first time, not > editing. I can > see that in EditRegistrationAction the token is set... but if they are > registering > for the first time where is the token set? It seems that it would fail when > it hits > the token check in SaveRegistrationAction, but I know it doesn't, so it must > be set > somewhere, right? > You will note that the "Register with the MailReader Demonstration Application" link (on index.jsp) goes through "EditRegistration.do" as well, so that the token gets saved even in this case. The "?action=Create" request parameter is used to distinguish this from the editing case ("?action=Edit"). This is a design pattern that I like a lot -- use the same Action to initialize the input form when you are creating a new record or when editing an existing one, and use a request parameter to define which type of transaction is occurring. You will also find that the "action" request parameter gets included as a property of the form bean, and is passed in (as a hidden variable) on the input form so that SaveRegistrationAction knows what to do as well. Craig
RE: [Q] TRANSACTION_TOKEN_KEY
How does this work when they are registering for the first time, not editing. I can see that in EditRegistrationAction the token is set... but if they are registering for the first time where is the token set? It seems that it would fail when it hits the token check in SaveRegistrationAction, but I know it doesn't, so it must be set somewhere, right? > -Original Message- > From: Rob Leland [mailto:[EMAIL PROTECTED]] > Sent: Friday, February 09, 2001 9:52 AM > To: [EMAIL PROTECTED] > Subject: Re: [Q] TRANSACTION_TOKEN_KEY > > > EditRegistrationAction.java SaveRegistrationAction.java > provide examples. > > You would probably never use generateToken(). > > It is used whenever you want to prevent the user > from bookmarking a page, or from using the browser > back arrow and then posting a second time. > > In the EditRegistrationAction, once the data is loaded > from a database a call to saveToken() is made. It should > probably be named 'setToken()' to be consistent with > 'resetToken()'. This sets a variable in both the session > and request scope of the app. Control is then forwarded > to the edit jsp. When the user 'posts' the page the > Token is validated in SaveRegistrationPage, then it is > destroyed by the 'resetToken call. Then the next page is > 'forwarded' to. If at this time the user hits the 'back' > button and hits 'post' again, when SaveRegistrationAction > checks to see if the token is valids it finds can find > one of two things: > 1) Either the 'Token' variable didn't exist in the session scope. > This happen if 'resetToken' was the last method called > 2) Or it will find that the "request" and "session" scope > Token do not > match. > This happen if 'saveToken' was the last method called. > > > Alexander Staff wrote: > > > > Hello, > > does anyone here have any examples/explanations about using the > > TRANSACTION_TOKEN_KEY feature in struts ? > > I am not sure using the generateToken(), isTokenValid(), > resetToken() and > > saveToken() functions properly and in the right place. > > > > Thanks in advance > > Ciao > > Alexander > > > > -- > > Sent through GMX FreeMail - http://www.gmx.net
Re: [Q] TRANSACTION_TOKEN_KEY
Let me clean this up, and make it a little clearer. Oleg V Alexeev wrote: > > Hello Rob, > > +1 to add it to the struts doc. >
Re: [Q] TRANSACTION_TOKEN_KEY
EditRegistrationAction.java SaveRegistrationAction.java provide examples. You would probably never use generateToken(). It is used whenever you want to prevent the user from bookmarking a page, or from using the browser back arrow and then posting a second time. In the EditRegistrationAction, once the data is loaded from a database a call to saveToken() is made. It should probably be named 'setToken()' to be consistent with 'resetToken()'. This sets a variable in both the session and request scope of the app. Control is then forwarded to the edit jsp. When the user 'posts' the page the Token is validated in SaveRegistrationPage, then it is destroyed by the 'resetToken call. Then the next page is 'forwarded' to. If at this time the user hits the 'back' button and hits 'post' again, when SaveRegistrationAction checks to see if the token is valids it finds can find one of two things: 1) Either the 'Token' variable didn't exist in the session scope. This happen if 'resetToken' was the last method called 2) Or it will find that the "request" and "session" scope Token do not match. This happen if 'saveToken' was the last method called. Alexander Staff wrote: > > Hello, > does anyone here have any examples/explanations about using the > TRANSACTION_TOKEN_KEY feature in struts ? > I am not sure using the generateToken(), isTokenValid(), resetToken() and > saveToken() functions properly and in the right place. > > Thanks in advance > Ciao > Alexander > > -- > Sent through GMX FreeMail - http://www.gmx.net