ApplicationException sample
Hi all, Can someone please attach a sample of an ApplicationException, BaseException & SystemException classes? An example of catching them in an Action class will be very helpful too. Thanks a lot Rivka ** The contents of this email and any attachments are confidential. They are intended for the named recipient(s) only. If you have received this email in error please notify the system manager or the sender immediately and do not disclose the contents to anyone or make copies. ** eSafe scanned this email for viruses, vandals and malicious content. ** **
Re: [OT] Cross-site scripting filters
On 7/18/05, Laurie Harper <[EMAIL PROTECTED]> wrote: > Ed Griebel wrote: > > So it seems like you want to a) render untrusted HTML, and b) render > > secure html. Sounds like the basic requirement is at odds? You could > > do something like slashdot and other BB systems do: restrict the > > amount of valid markup to make your parsing job easier. > > Ultimately, restricting allowed markup helps but doesn't make the hard > cases much easier :-) You're right that (a) and (b) conflict somewhat, > though. But think about something like Google Mail: it needs to be able to > display as much of a user's mail as possible whilst still remaining secure > against XSS attacks. I would imagine pretty much any blogging software that allows restricted HTML in comments (or pretty much any Wiki software that accepts some HTML for formatting, for that matter) has dealt with this kind of issue. Might be worth spelunking open source versions of those projects for ideas. Craig - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Cross-site scripting filters
Ed Griebel wrote: So it seems like you want to a) render untrusted HTML, and b) render secure html. Sounds like the basic requirement is at odds? You could do something like slashdot and other BB systems do: restrict the amount of valid markup to make your parsing job easier. Ultimately, restricting allowed markup helps but doesn't make the hard cases much easier :-) You're right that (a) and (b) conflict somewhat, though. But think about something like Google Mail: it needs to be able to display as much of a user's mail as possible whilst still remaining secure against XSS attacks. Actually, I'm not sure if gmail *does* support showing HTML formatted email off hand, but you see what I mean. Another idea, one single regexp won't do it, but have you thought of making multiple passes through the data as a check? You could xlate unicode, remove line splits, perform xml entity substitution, etc., then if it "passes", store the original html page as entered. I'm I'm not sure I want ever to store a modified copy, but the multi-pass regex approach is valid in any case. It's probably the best way to go if you're not willing to use a complete HTML+CSS parser in your XSS filter. guessing that your requirement is to store and re-present the original markup as entered :-) Pretty much, sans XSS hacks, of course :-) Also, have you tried doing some research into what the PHP world does to prevent it? It might give a good point of reference for Java. I spent a little time hunting around in the PHP world today, though I've yet to find anything particularly useful. Most of the implementations I've looked at so far do a fairly minimal job to defeat just the most common sorts of attack. L. -ed On 7/18/05, Laurie Harper <[EMAIL PROTECTED]> wrote: Frank W. Zammetti wrote: Yeah, wouldn't help you filter on output, but I pointer that out before :) True enough :) Note that it does allow you to specify your own regex, so in reality you can filter for whatever you want. I did this specifically so when someone spots something I didn't think of it's easy to make it catch those too. The trouble is, I doubt it would be possible to construct a single regex that did a robust job -- including handling of character references (as in my example), differing syntax rules in embedded CSS, browser's recombining keywords like 'javascript' that are split over multiple lines, etc. etc... FYI, while I find it ironic to reference a Microsoft resource on a security exploit, they actually do have a decent little page about XSS... http://support.microsoft.com/default.aspx?scid=kb;en-us;252985 The solutions it discusses, though, really don't help much when the requirement is to render untrusted HTML. There's a lot more detail on what's involved in some of the CERT advisories, for example: http://www.cert.org/advisories/CA-2000-02.html http://www.cert.org/tech_tips/malicious_code_mitigation.html L. Frank Laurie Harper wrote: Frank W. Zammetti wrote: Not a problem... http://javawebparts.sourceforge.net/javadocs/index.html In the javawebparts.filter package, you should see the CrossSiteScriptingFilter. This will filter any incoming parameters, and optionally attributes (good for if your forwarding somewhere) for a list of characters (you can alter what it looks for via regex). Ah, I initially skipped that package, thinking a servlet filter wasn't really what I was after. Browsing through the code, it seems I was right. For one thing, I want to filter text on output, not filter request parameters on input. But more important, your filter only checks for (and rejects) anything with a few particular characters -- all of which are valid in most cases from an XSS-prevention standpoint. For what it's worth, injecting XSS attacks through that filter is pretty easy. For example, the following wouldn't be caught: I'm hoping I can find something that addresses all the nefarious XSS strategies out there. It's not easy to implement something that's complete, especially when you try to deal with embedded CSS in the HTML you're trying to sanitize...! Thanks for the link though :-) -- Laurie, Open Source advocate, Java geek and novice blogger: http://www.holoweb.net/laurie - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Laurie, Open Source advocate, Java geek and novice blogger: http://www.holoweb.net/laurie - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Name of the form
I ran into an issue similar to yours where I had a "search" form and a "results" form. What I did was to use a nested form bean, with one nested form bean being the search parameters, and another nested form bean being the results. Both actions knew that the form was nested (as did the two separate forms displayed in the jsp), but each only used the nested form bean that it needed to know about, which made changes to the nested forms and actions independant of the other form/action. This was with POJO, not declared, form beans too. A variation on this is to have a POJO action form extend another one. You should be able to do this and preserve the data in both forms, but I havent' worked much with doing this, I have had odd sporadic problems doing this in early versions of 1.1. This works when the two actions/forms are relatively coupled. If they are not, you might want to think about using VOs instead of form beans and storing them in the session, and using BeanUtils.copyProperties() to move things from the form bean to/from the VO. -ed > N G wrote: > > I need to instantiate a form that is not associated with my particular > > action and place it on the request before forwarding... > > > > Right now I have to hardcode the name of the form as the key into the > > request scope. I know that you can get the configured name of the form > > that IS associated with your action by doing mapping.getAttribute(). > > However, how do I get the configured name of the form with just > > knowing the fully qualified class name? > > > > Is there a way to do this? > > > > Are there any other suggestion as to how NOT to hardcode the name of the > > form. > > > > Thanks, > > NG > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Cross-site scripting filters
So it seems like you want to a) render untrusted HTML, and b) render secure html. Sounds like the basic requirement is at odds? You could do something like slashdot and other BB systems do: restrict the amount of valid markup to make your parsing job easier. Another idea, one single regexp won't do it, but have you thought of making multiple passes through the data as a check? You could xlate unicode, remove line splits, perform xml entity substitution, etc., then if it "passes", store the original html page as entered. I'm guessing that your requirement is to store and re-present the original markup as entered :-) Also, have you tried doing some research into what the PHP world does to prevent it? It might give a good point of reference for Java. -ed On 7/18/05, Laurie Harper <[EMAIL PROTECTED]> wrote: > Frank W. Zammetti wrote: > > Yeah, wouldn't help you filter on output, but I pointer that out before :) > > True enough :) > > > Note that it does allow you to specify your own regex, so in reality you > > can filter for whatever you want. I did this specifically so when > > someone spots something I didn't think of it's easy to make it catch > > those too. > > The trouble is, I doubt it would be possible to construct a single regex > that did a robust job -- including handling of character references (as in > my example), differing syntax rules in embedded CSS, browser's recombining > keywords like 'javascript' that are split over multiple lines, etc. etc... > > > FYI, while I find it ironic to reference a Microsoft resource on a > > security exploit, they actually do have a decent little page about XSS... > > > > http://support.microsoft.com/default.aspx?scid=kb;en-us;252985 > > The solutions it discusses, though, really don't help much when the > requirement is to render untrusted HTML. There's a lot more detail on > what's involved in some of the CERT advisories, for example: > > http://www.cert.org/advisories/CA-2000-02.html > http://www.cert.org/tech_tips/malicious_code_mitigation.html > > L. > > > > > Frank > > > > Laurie Harper wrote: > > > >> Frank W. Zammetti wrote: > >> > >>> Not a problem... > >>> > >>> http://javawebparts.sourceforge.net/javadocs/index.html > >>> > >>> In the javawebparts.filter package, you should see the > >>> CrossSiteScriptingFilter. > >>> > >>> This will filter any incoming parameters, and optionally attributes > >>> (good > >>> for if your forwarding somewhere) for a list of characters (you can > >>> alter > >>> what it looks for via regex). > >> > >> > >> > >> Ah, I initially skipped that package, thinking a servlet filter wasn't > >> really what I was after. Browsing through the code, it seems I was right. > >> > >> For one thing, I want to filter text on output, not filter request > >> parameters on input. But more important, your filter only checks for > >> (and rejects) anything with a few particular characters -- all of > >> which are valid in most cases from an XSS-prevention standpoint. > >> > >> For what it's worth, injecting XSS attacks through that filter is > >> pretty easy. For example, the following wouldn't be caught: > >> > >> > >> > >> I'm hoping I can find something that addresses all the nefarious XSS > >> strategies out there. It's not easy to implement something that's > >> complete, especially when you try to deal with embedded CSS in the > >> HTML you're trying to sanitize...! > >> > >> Thanks for the link though :-) > > > > > > > -- > Laurie, Open Source advocate, Java geek and novice blogger: > http://www.holoweb.net/laurie > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Session-scoped ActionMessage
Is there any way in Struts 1.1 to have session-scoped ActionMessage?
Re: Manually Instantiating Action classes
On 7/18/05, Frank W. Zammetti <[EMAIL PROTECTED]> wrote: > I used to do a lot of this back when I wasn't as clear on why Actions > shouldn't contain actual code (this started when I was using a custom > framework my company build that had examples that didn't make it clear > you shouldn't do this). > Exactly what I've ran into as well! Most of the time I end up refactoring almost all non-trivial logic into separate classes because I have needed them elsewhere. What the original poster may be able to get away with is making the method public static in the action. It's a hack, but it will get you running quickly. Once you get it tested and working it's easy to move the method(s) to a helper class, espcially if you are using an IDE that supports refactoring like Eclipse or IDEA. Don't make them static if they depend on session or request state, as you'll shoot yourself in the foot due to the implicit threading in the app server. Good luck! -ed - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Copying of properties vs. nested VO
Michael Jouravlev wrote: I am not convinced that UI should be *that* different from domain model. +1. Example: You make a html mock up an go to contract, then do ren *.html to *.jsp for prototype. Beased on your approved prototype your most senior desigs a domain model! Domain Model is more physical vs model model is more logical view. Ex: Customer has mutiple addresses in physical, but in logical it's just customer. .V - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Copying of properties vs. nested VO
On 7/18/05, Adam Hardy <[EMAIL PROTECTED]> wrote: > Michael Jouravlev on 18/07/05 20:52, wrote: > > I am not convinced that UI should be *that* different from domain > > model. Do you have examples? > > I'm not sure that I can conjure up something convincing (being a techie > myself!) because you have to be fairly good at useability implementation > to be able to evangelise about it. However here goes with an example > from a project I worked on for a travel company (one of many examples). > > We were given UI mock-ups by the business analyst and one form was for > contact details, including 3 telephone numbers (office, fax & mobile) > each with 2 dropdowns (international dialling code and area dialling > code). The business analyst had worked closely with the Data Architect > without the benefit of an application designer. > > The dropdowns affected useability because each choice of international > dialling code forced a javascript event-driven page reload to fetch the > corresponding area code dropdown. When javascript was declared optional, > we then had to incorporate buttons to allow the user to call up the new > dropdown content. > > We started off having Hibernate disconnected DTOs nested right there in > the actionForm - the model was the address DTO, which had a child phone > number, which had a parent area code and a grandparent international > dialling code. > > In terms of /both/ useability /and/ implementation, it was a joke, yet > it had to appear in multiple places on the website. > > I wanted to change it to allow the user to type in the whole number in > one field and then to write a validation algorithm to establish the > international and area dialling codes, and then to redisplay the 3 > fields for edit, only if the algorithm failed. > > However the project was underfunded and I didn't get time :( You call this a good UI? Man, this is horrible. I don't blame you, because you wanted to do the right thing, combining stuff together. The idiots who think that choosing from endless comboboxes is easier that to type a phone or a date or address directly, should be procecuted by prohibiting them to do UI design forever. I hate this design. Not as a developer, but as a user. Yuck. Anyway, even with this design nothing prevents to use actual BO in the session-scoped form, and to have three "transient" values outside the BO. BO does not know or care how the phone number is combined. When request is submitted, the actual phone is built from parts somewhere in validate() or in the Action class. Then this real phone is validated. If it is incorrect, page is redisplayed. The downside is that validation can detect that area code is wrong, but it cannot tell UI layer to correlate the error message to a particular combobox. On the other hand, the whole point of comboboxes was to prevent errors with area codes. With nested BO you would have detached address with real phones, and you would have (one "transient" "local phone" field and two comboboxes) * times three. It would still work. I guess, indexed properties could be used. I think, it is still better than copying properties. You have business rules right there, and there is no need to copy most of the properties. UI that you described is still close to domain model: location(s) and corresponding phone numbers (cell phone belongs to a virtual location with no physical address). Michael. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Manually Instantiating Action classes
I am going with the helper classes. Thanks to all who replied! On 7/18/05, Frank W. Zammetti <[EMAIL PROTECTED]> wrote: > I used to do a lot of this back when I wasn't as clear on why Actions > shouldn't contain actual code (this started when I was using a custom > framework my company build that had examples that didn't make it clear > you shouldn't do this). > > One Action instantiating another I think is sometimes not a bad idea > even today... why incur the overhead of rerunning the request processing > cycle again? > > That being said, I absolutely echo what everyone else said... moving it > to another class is the first, best solution. > > Frank > > a k wrote: > > In the process of writing an Action class, I realized that it needs > > some application functionality (not general utility kinda > > functionality) that is already part of a method in a different Action > > class. > > > > So, Action MyAction1 needs to access method myMethod2 in Action > > MyAction2. Here are the options that I could think of: > > > > 1. Instantiate the MyAction2 class manually and access the myMethod2. > > 2. Create a Helper class and move the funcationality there so that > > both the classes could use it. > > > > I cannot put this in a separate parent class and extend MyAction1 and > > MyAction2 from it because I already have another Action class that all > > Actions extend from and I would like to adhere to it...if possible. > > > > What is a better way in this scenario? In particular, is it bad to > > manually instantiate Action classes? > > > > Thanks! > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > -- > Frank W. Zammetti > Founder and Chief Software Architect > Omnytex Technologies > http://www.omnytex.com > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Name of the form
If you're doing "request.setAttribute("CLASS_NAME", myActionForm)" to
store the form bean you should be able to call
"request.getAttribute("CLASS_NAME")" to retrieve the myActionForm from
your JSP.
However, I am not sure about the cleanest ways to access myActionForm
from your JSP in this manner, so I will need to defer to others to
answer this. (If you could clarify precisely what you plan on doing
with myActionForm within your JSP--e.g. which HTML objects you plan on
populating with it--that may faciliate someone answering it.)
Glen
N G wrote:
I need to instantiate a form that is not associated with my particular
action and place it on the request before forwarding...
Right now I have to hardcode the name of the form as the key into the
request scope. I know that you can get the configured name of the form
that IS associated with your action by doing mapping.getAttribute().
However, how do I get the configured name of the form with just
knowing the fully qualified class name?
Is there a way to do this?
Are there any other suggestion as to how NOT to hardcode the name of the form.
Thanks,
NG
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Copying of properties vs. nested VO
Michael Jouravlev on 18/07/05 20:52, wrote: On 7/18/05, Adam Hardy <[EMAIL PROTECTED]> wrote: While the business domain is normally modelled using OO techniques, the view or user interface should be modelled using human behaviour analysis techniques that produce the best interface for users to get their work done efficiently, reflecting their mental model of what is going on. ... If you do [the business/UI shortcut] everywhere, you run the risk of forcing your users to learn the business domain OO model which might be a huge leap away from their own mental model. While I may agree that business model may differ from UI model, I cannot agree with the idea that they *should* be different. The first principle of OOP is that program objects reflect actual life objects. Department, employee, order, order items, etc. These are things that people work with, and these should be modeled by domain model. For example, we have department and employees. Or an order and order items. I think everyone would model it as Order-1:M-Item. What does a user work with? Same order and order items. What does a user expect to see? An order and items, corresponding to it. Of course, there are reference tables/objects, there are additional tables to ensure M:M relationship, there is a lot of plumbing behind. But a user does not work with plubming objects, unless it is a combobox with options. For example, Outlook Express. We have Folders with typed items like emails or news or forums. For each forum item there is a list of messages. For messages there is view preferences, sort order, and such. So, Folders and messages are definetely business objects. View preferences... that depends, but considering that OE's data model is specifically built for user interaction, view preferences can be stored along with each forum/message list as business object. I am not convinced that UI should be *that* different from domain model. Do you have examples? I'm not sure that I can conjure up something convincing (being a techie myself!) because you have to be fairly good at useability implementation to be able to evangelise about it. However here goes with an example from a project I worked on for a travel company (one of many examples). We were given UI mock-ups by the business analyst and one form was for contact details, including 3 telephone numbers (office, fax & mobile) each with 2 dropdowns (international dialling code and area dialling code). The business analyst had worked closely with the Data Architect without the benefit of an application designer. The dropdowns affected useability because each choice of international dialling code forced a javascript event-driven page reload to fetch the corresponding area code dropdown. When javascript was declared optional, we then had to incorporate buttons to allow the user to call up the new dropdown content. We started off having Hibernate disconnected DTOs nested right there in the actionForm - the model was the address DTO, which had a child phone number, which had a parent area code and a grandparent international dialling code. In terms of /both/ useability /and/ implementation, it was a joke, yet it had to appear in multiple places on the website. I wanted to change it to allow the user to type in the whole number in one field and then to write a validation algorithm to establish the international and area dialling codes, and then to redisplay the 3 fields for edit, only if the algorithm failed. However the project was underfunded and I didn't get time :( - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Which version of Eclipse does current release of Struts support?
Fei Jiangnan wrote: I am newbie to struts, and tried current release of struts with Eclipse 3.1, they seems not working together, coule you please make me some sense from the versions between struts and eclipse? What do you mean by "they don't work together?" Dave - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Which version of Eclipse does current release of Struts support?
Hi there, I am newbie to struts, and tried current release of struts with Eclipse 3.1, they seems not working together, coule you please make me some sense from the versions between struts and eclipse? thanks in advance. Fei - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Cross-site scripting filters
Frank W. Zammetti wrote: Yeah, wouldn't help you filter on output, but I pointer that out before :) True enough :) Note that it does allow you to specify your own regex, so in reality you can filter for whatever you want. I did this specifically so when someone spots something I didn't think of it's easy to make it catch those too. The trouble is, I doubt it would be possible to construct a single regex that did a robust job -- including handling of character references (as in my example), differing syntax rules in embedded CSS, browser's recombining keywords like 'javascript' that are split over multiple lines, etc. etc... FYI, while I find it ironic to reference a Microsoft resource on a security exploit, they actually do have a decent little page about XSS... http://support.microsoft.com/default.aspx?scid=kb;en-us;252985 The solutions it discusses, though, really don't help much when the requirement is to render untrusted HTML. There's a lot more detail on what's involved in some of the CERT advisories, for example: http://www.cert.org/advisories/CA-2000-02.html http://www.cert.org/tech_tips/malicious_code_mitigation.html L. Frank Laurie Harper wrote: Frank W. Zammetti wrote: Not a problem... http://javawebparts.sourceforge.net/javadocs/index.html In the javawebparts.filter package, you should see the CrossSiteScriptingFilter. This will filter any incoming parameters, and optionally attributes (good for if your forwarding somewhere) for a list of characters (you can alter what it looks for via regex). Ah, I initially skipped that package, thinking a servlet filter wasn't really what I was after. Browsing through the code, it seems I was right. For one thing, I want to filter text on output, not filter request parameters on input. But more important, your filter only checks for (and rejects) anything with a few particular characters -- all of which are valid in most cases from an XSS-prevention standpoint. For what it's worth, injecting XSS attacks through that filter is pretty easy. For example, the following wouldn't be caught: I'm hoping I can find something that addresses all the nefarious XSS strategies out there. It's not easy to implement something that's complete, especially when you try to deal with embedded CSS in the HTML you're trying to sanitize...! Thanks for the link though :-) -- Laurie, Open Source advocate, Java geek and novice blogger: http://www.holoweb.net/laurie - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Cross-site scripting filters
Craig McClanahan wrote: While the code in question here might not help you, the concept of a Filter still can. You can use Filters to monitor (and potentially modify) the output stream by providing a wrapper around the HttpServletResponse that the container hands you, with custom implementations of getOutputStream() and getWriter() that send their output to a buffer instead of directly back to the client. Then, when the client returns, you can postprocess the buffer and weed out anything you think is dangerous. I think there's a sample filter to do GZIP compression in the Tomcat releases, which you could use as a model of the overall architecture. Yeah, I grok servlet filters OK ;-) The issue is that filtering the entire response is generally not too helpful for this: it'd disable all the dynamic functionality in the application that's *meant* to be there...! What I need is to allow users to enter HTML markup through a text field for subsequent display as part of a page (think, for example, of a wiki or CMS solution). Only the untrusted data should be filtered, and the submitted HTML must render correctly after potential XSS insertion has been dealt with. Cheers, L. -- Laurie, Open Source advocate, Java geek and novice blogger: http://www.holoweb.net/laurie - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Iterate over list in in list in form bean.
Mike Elliott wrote the following on 7/18/2005 3:18 PM:
I came up with another solution which might be worthy of
consideration. Instead of using arrays, extend a list with the
desired get( int ) method and use that list instead:
public class SkillActionForm extends ActionForm {
protected List skills = new LazyArrayList();
public class LazyArrayList extends ArrayList {
public Object get( int index ) {
while (size() <= index) add( new SkillBean() );
return super.get( index );
}
}
}
This is the solution I eventually adopted (successfully) but I have a
fondness for nested classes which others may not share.
I'm pretty sure what LazyList is doing similar stuff in the background,
so I'm curious why you don't just use that?
http://wiki.apache.org/struts/StrutsCatalogLazyList
--
Rick
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Iterate over list in in list in form bean.
I've stumbled across a similar problem that I'm trying to find the Struts solution for. I have a form which allows users to add a dynamic amount of rows (via a button that says "Add Row") and then submit the form with as little or many rows as they wish. Can a form bean be setup using collections instead of other object types? What is the proper way to handle a dynamic amount of the same data coming in to a Action? ~ Andrew Tomaka On 7/18/05, Rick Reumann <[EMAIL PROTECTED]> wrote: > Mike Elliott wrote the following on 7/18/2005 10:55 AM: > > > I've been beating my head against this all weekend to no avail. I > > understand how to do this in session scope, but don't know if it's > > even possible in request scope. > > > > As I understand things (which may be wrong), when the form is > > submitted (in request scope) a new form bean is created and populated > > with the values in the collection from the HTML form. But, of course, > > a newly created form won't know how many elements are in the form so > > it can't pre-populate the collection with beans to be filled in. > > Right? > > I'm still not totally clear where the problem is, since I'm not sure > what Session has to do with the initial setup of the form. It might help > if you let us know what the exact problem is when using request scope... > > 1) A problem when you submit the form and getting 'index' problems > showing up in the logs? > > 2) Is it making sure the nested structure is still there when validation > fails? > > I'm confused because you mention "But, of course, a newly created form > won't know how many elements are in the form so it can't pre-populate > the collection with beans to be filled in." This statement confused me > because you seem to be implying it works when it's in Session which > doesn't make sense since even with a Session scoped form you still need > to some initial population somewhere. > > Typically I feel you should always go to some sort of "setUp" action or > dispatch method BEFORE you ever forward to a form. Initially you can > often skip this step but later on there will be something you want to > 'do' before you get to the form anyway so I find it good practice to go > to a 'set up' first. > > For the two problems listed above the link Naill posted is good > http://wiki.apache.org/struts/StrutsCatalogLazyList (and I just recently > added to that link the way I like to do it). > > Let us know if you can't get it to work. I have to use Nested stuff all > the time, so I'll be able to help. > > -- > Rick > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Cross-site scripting filters
I have one as part of Java Web Parts
(http://javawebparts.sourceforge.net). Let me know if it suits your needs
(and if not, let me know the shortcomings so I can expand it!)
--
Frank W. Zammetti
Founder and Chief Software Architect
Omnytex Technologies
http://www.omnytex.com
On Mon, July 18, 2005 2:28 pm, Laurie Harper said:
> Does anyone know of a good, complete implementation of a cross-site
> scripting filter for pre-processing user entered text that needs to be
> rendered as HTML? Obviously / ${fn:escapeXml()} / etc. aren't the
> right solution ;-) but there's nothing in standard JSTL or Struts (that I
> know of) that is.
>
> Any pointers appreciated!
>
> L.
> --
> Laurie, Open Source advocate, Java geek and novice blogger:
> http://www.holoweb.net/laurie
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Iterate over list in in list in form bean.
On 7/18/05, Rick Reumann <[EMAIL PROTECTED]> wrote:
> I'm still not totally clear where the problem is, since I'm not sure
> what Session has to do with the initial setup of the form.
The difference is unobvious, I admit, but this is what I was thinking
of: If I use a session bean, I can do some sort of setup (from an
Action) on its initial creation, including creating the list of
contained objects. That can't happen if it's in request scope because
there is no chance to invoke the setup before the bean is populated
from the request.
> 1) A problem when you submit the form and getting 'index' problems
> showing up in the logs?
More than showing up, the submit was trying to populate the bean with
indexed properties but the list containing the indexed properties was
of size zero. The
answer to the problem was given by the previous posters. Thanks guys.
What made the difference was the Wiki page section (BeanUtils Indexed
Properties Issue) pointing out that there is a bug in JDK 1.4 which
prevents the solution of writing your own getXXX( int ndx ) property.
I had done that (in desperation) and when that didn't work either, I
threw up my hands and wrote the list. I felt that it _should_ have
worked and when it didn't I just assumed my understanding of the
situation was inadequate and gave up. I'm delighted to find out that
the problem is in the implementation and not in my mental picture of
how this whole thing works.
> I'm confused because you mention "But, of course, a newly created form
> won't know how many elements are in the form so it can't pre-populate
> the collection with beans to be filled in." This statement confused me
> because you seem to be implying it works when it's in Session which
> doesn't make sense since even with a Session scoped form you still need
> to some initial population somewhere.
But you can do that once, before all this other stuff takes place. I
realize that wasn't an obvious inference but that's what I meant.
> Typically I feel you should always go to some sort of "setUp" action or
> dispatch method BEFORE you ever forward to a form.
But doesn't that go away in request scope when the form is submitted
back to the Action? Doesn't a new form get created and populated from
the HTML? It sure looks like that's what's happening to me.
> For the two problems listed above the link Naill posted is good
> http://wiki.apache.org/struts/StrutsCatalogLazyList (and I just recently
> added to that link the way I like to do it).
I came up with another solution which might be worthy of
consideration. Instead of using arrays, extend a list with the
desired get( int ) method and use that list instead:
public class SkillActionForm extends ActionForm {
protected List skills = new LazyArrayList();
public class LazyArrayList extends ArrayList {
public Object get( int index ) {
while (size() <= index) add( new SkillBean() );
return super.get( index );
}
}
}
This is the solution I eventually adopted (successfully) but I have a
fondness for nested classes which others may not share.
Anyway, thanks to all, I've gotten past the problem with an increased
understanding of the intricacies of this here Struts stuff.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Iterate over list in in list in form bean.
Andrew Tomaka wrote the following on 7/18/2005 2:13 PM: I have a form which allows users to add a dynamic amount of rows (via a button that says "Add Row") and then submit the form with as little or many rows as they wish. Can a form bean be setup using collections instead of other object types? What is the proper way to handle a dynamic amount of the same data coming in to a Action? I think to set this up where the user can add as many as they wish you'll have to do some DHTML stuff where you will be writing out the new elements using javascript. You'll probably have to keep track of what's in the currentDiv and append to it when they click "add new" You'll need a counter of the 'currentIndex' and you'll end up writing javascript to write to a div that will make the elements like... write( currentDivContents + "propety='yourList["+curIndex+"].firstName'/>"); Of course make sure for your "yourList" that you use an approach like http://wiki.apache.org/struts/StrutsCatalogLazyList An easier approach might be to only allow them to enter a fixed amount at a time, say five or so. After they submit they could enter more. This would cut down on the amount of javascript. And yes in either scenario you set up your ActionForm to use a property of type List that would hold your Collection of beans. -- Rick - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Manually Instantiating Action classes
I used to do a lot of this back when I wasn't as clear on why Actions shouldn't contain actual code (this started when I was using a custom framework my company build that had examples that didn't make it clear you shouldn't do this). One Action instantiating another I think is sometimes not a bad idea even today... why incur the overhead of rerunning the request processing cycle again? That being said, I absolutely echo what everyone else said... moving it to another class is the first, best solution. Frank a k wrote: In the process of writing an Action class, I realized that it needs some application functionality (not general utility kinda functionality) that is already part of a method in a different Action class. So, Action MyAction1 needs to access method myMethod2 in Action MyAction2. Here are the options that I could think of: 1. Instantiate the MyAction2 class manually and access the myMethod2. 2. Create a Helper class and move the funcationality there so that both the classes could use it. I cannot put this in a separate parent class and extend MyAction1 and MyAction2 from it because I already have another Action class that all Actions extend from and I would like to adhere to it...if possible. What is a better way in this scenario? In particular, is it bad to manually instantiate Action classes? Thanks! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Copying of properties vs. nested VO
Anyone in the mood to kick the dead horse again? I decided to compare two approaches to use/update data from Struts. I am obviously biased towards nested VO/BO, so maybe I left something out. [I] Property copying This one seems to be the default and "officially endorsed" Struts practice. 1) Create/Load data. Workflow: * To use existing data it is loaded from database into BO/VO, then BO/VO properties are copied to action form. * To create new data nothing special is performed, action form is just cleaned if it has session scope. Notes: * BO/VO usually has strongly typed properties. * Validation is usually performed in the action form. * Intermediate data is flying around action form/request/response. * Because of double data copying (from database to BO/VO, then from BO/VO to action form) it is tempting to avoid BO/VO altogether or to make it as dumb as possible. Thus, this approach usually uses struct-type VO instead of behavioral BO. 2) Modify data Current data is kept in the action form, usually having request scope. Notes: * Request-scoped action forms do not allow to use two-phase request processing 3) Store data Workflow: * Data is validated in the action form first, then copied to BO/VO * BO/VO validates business rules * BO/VO is stored in the database Notes: * Business rules are validated after data is copied from action form to BO/VO; inefficient. * In this approach BO/VO is usually treated like a persistent object (EJB-style), that is modifications to BO/VO are immediately reflected in database. [II] Using nested BO/VO 1) Create/Load data. Workflow: * To use existing data it is loaded from database into BO/VO; this BO/VO is detached from database, that is all changes to it do not affect persistent data. * To enter new data a new instance of BO/VO is created; it is detached as well. ID/PK can be generated on this stage or is created on "store" stage. * BO/VO is kept in the session, or stored as nested object in the action form, which has session scope. Notes: * BO/VO usually has string properties or double-type properties: string/strong. Another choice is to define action form's setters as string, and to set BO data from within them. * Validation is performed partly by the BO/VO, and partly by the action form. * Intermediate data is kept in the BO/VO; transient data is kept in the action form. * This approach better supports OO model; enforces usage of a real BO with behavioral methods. 2) Modify data Current data is kept in the BO nested in the action form; action form has session scope. HTML form can either use/set nested properties directly, or use action form's setters/getters, which convert data and set it in the nested BO. 3) Store data Workflow: * Transient data is validated by the action form. * Business data is validated by nested BO * BO/VO is stored in the database Two major questions is where to perform validation and type conversion. One opinion is to perform validation and type conversion in an action form, and to have strongly typed VOs. Another is to have string- or string/strong properties for BO, which may provide better flexibility for different web frameworks and clients (for web service, WML, VoiceXML, non-Struts - most rules are in one place despite of different UI). Transient property may be stored in the BO to have all validation rules in BO. Did I miss something or got something wrong? Michael. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: submit form
Still, mnemonics are non-standard for web applications, no? This doesn't seem right. Glen Niall Pemberton escribió: The short and not v.helpful response is you can't submit - its just a JSP tag that renders a HTML element and has nothing to do with the submit process. Some of the Struts tags have the "accesskey" attribute which defines a key that can be used with the accelerator key (usually ALT) to invoke a form control. So if you use the struts submit tag you could do something like... Niall - Original Message - From: "Sergey Livanov" <[EMAIL PROTECTED]> Sent: Monday, July 18, 2005 8:36 PM How can I submit html:form by pressing CTRL+S ? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Iterate over list in in list in form bean.
Michael Jouravlev wrote the following on 7/18/2005 3:59 PM: ActionForm.reset() for session-scoped forms, ActionForm.ActionForm() for request-scoped forms. I do not remeber, if reset() is called for request-scoped forms. Yes, reset is always called when the form submits. I know I mentioned in this in another post but I would disagree with repopulating your beans in the reset() UNLESS... you did adopt the whole ball of wax the way you have designed your stuff Michael. In other words if you go with your approach of the form beans doing other stuff than holding user input, than you can go ahead and mess with the reset doing that kind of stuff, but if Mike is sticking to 'typical' Struts than I wouldn't recommend repopulating in the reset. Why would you want to use request scope anyway? I use session scope and I am pretty happy. Well I could see for large forms with nested data it might not be a great idea to keep these around in the Session. I 'try' to stick to using the Request when I can but I don't bend over backwards like some do on this list to avoid the Session.. I'm in "The Session is your friend" camp:). Request will work fine however for Mike's situation. He just needs to wrap his collection in his ActionForm around a LazyList (or he can use a regular list and do the handcranking approach of incrementing the size when needed in the getList property in his form. LazyList is cleaner, though). -- Rick - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Cross-site scripting filters
And if you can't find that compression filter in Tomcat, JWP has one too :) Does GZip and Deflate actualy :) Frank Craig McClanahan wrote: On 7/18/05, Laurie Harper <[EMAIL PROTECTED]> wrote: Frank W. Zammetti wrote: Not a problem... http://javawebparts.sourceforge.net/javadocs/index.html In the javawebparts.filter package, you should see the CrossSiteScriptingFilter. This will filter any incoming parameters, and optionally attributes (good for if your forwarding somewhere) for a list of characters (you can alter what it looks for via regex). Ah, I initially skipped that package, thinking a servlet filter wasn't really what I was after. Browsing through the code, it seems I was right. While the code in question here might not help you, the concept of a Filter still can. You can use Filters to monitor (and potentially modify) the output stream by providing a wrapper around the HttpServletResponse that the container hands you, with custom implementations of getOutputStream() and getWriter() that send their output to a buffer instead of directly back to the client. Then, when the client returns, you can postprocess the buffer and weed out anything you think is dangerous. I think there's a sample filter to do GZIP compression in the Tomcat releases, which you could use as a model of the overall architecture. Crag - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Cross-site scripting filters
Yeah, wouldn't help you filter on output, but I pointer that out before :) Note that it does allow you to specify your own regex, so in reality you can filter for whatever you want. I did this specifically so when someone spots something I didn't think of it's easy to make it catch those too. FYI, while I find it ironic to reference a Microsoft resource on a security exploit, they actually do have a decent little page about XSS... http://support.microsoft.com/default.aspx?scid=kb;en-us;252985 Frank Laurie Harper wrote: Frank W. Zammetti wrote: Not a problem... http://javawebparts.sourceforge.net/javadocs/index.html In the javawebparts.filter package, you should see the CrossSiteScriptingFilter. This will filter any incoming parameters, and optionally attributes (good for if your forwarding somewhere) for a list of characters (you can alter what it looks for via regex). Ah, I initially skipped that package, thinking a servlet filter wasn't really what I was after. Browsing through the code, it seems I was right. For one thing, I want to filter text on output, not filter request parameters on input. But more important, your filter only checks for (and rejects) anything with a few particular characters -- all of which are valid in most cases from an XSS-prevention standpoint. For what it's worth, injecting XSS attacks through that filter is pretty easy. For example, the following wouldn't be caught: I'm hoping I can find something that addresses all the nefarious XSS strategies out there. It's not easy to implement something that's complete, especially when you try to deal with embedded CSS in the HTML you're trying to sanitize...! Thanks for the link though :-) -- Frank W. Zammetti Founder and Chief Software Architect Omnytex Technologies http://www.omnytex.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[OT] Re: Copying of properties vs. nested VO
Adam Hardy wrote: Not all users can think like geeks! And the (probably more important!) corollary: Most geeks can't think like users. Dave - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Cross-site scripting filters
On 7/18/05, Laurie Harper <[EMAIL PROTECTED]> wrote: > Frank W. Zammetti wrote: > > > Not a problem... > > > > http://javawebparts.sourceforge.net/javadocs/index.html > > > > In the javawebparts.filter package, you should see the > > CrossSiteScriptingFilter. > > > > This will filter any incoming parameters, and optionally attributes (good > > for if your forwarding somewhere) for a list of characters (you can alter > > what it looks for via regex). > > Ah, I initially skipped that package, thinking a servlet filter wasn't > really what I was after. Browsing through the code, it seems I was right. > While the code in question here might not help you, the concept of a Filter still can. You can use Filters to monitor (and potentially modify) the output stream by providing a wrapper around the HttpServletResponse that the container hands you, with custom implementations of getOutputStream() and getWriter() that send their output to a buffer instead of directly back to the client. Then, when the client returns, you can postprocess the buffer and weed out anything you think is dangerous. I think there's a sample filter to do GZIP compression in the Tomcat releases, which you could use as a model of the overall architecture. Crag - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Iterate over list in in list in form bean.
On 7/18/05, Mike Elliott <[EMAIL PROTECTED]> wrote: > If I use a session bean, I can do some sort of setup (from an > Action) on its initial creation, including creating the list of > contained objects. That can't happen if it's in request scope because > there is no chance to invoke the setup before the bean is populated > from the request. ActionForm.reset() for session-scoped forms, ActionForm.ActionForm() for request-scoped forms. I do not remeber, if reset() is called for request-scoped forms. Why would you want to use request scope anyway? I use session scope and I am pretty happy. Michael. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
AW: Manually Instantiating Action classes
> -Ursprüngliche Nachricht- > Von: Michael Jouravlev [mailto:[EMAIL PROTECTED] > Gesendet: Montag, 18. Juli 2005 23:36 > An: Struts Users Mailing List > Betreff: Re: Manually Instantiating Action classes > > On 7/18/05, Leon Rosenberg <[EMAIL PROTECTED]> wrote: > > First choice action hierarchy > > Second choice helper classes > > Or maybe a good combination of both :-) > > Chaining? ;-) Sure, why not, but I think this is an implementation detail; first he has to decide which way to go, then, how to get there :-) Regards Leon - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
AW: Manually Instantiating Action classes
> -Ursprüngliche Nachricht- > Von: Michael Jouravlev [mailto:[EMAIL PROTECTED] > Gesendet: Montag, 18. Juli 2005 23:36 > An: Struts Users Mailing List > Betreff: Re: Manually Instantiating Action classes > > On 7/18/05, Leon Rosenberg <[EMAIL PROTECTED]> wrote: > > First choice action hierarchy > > Second choice helper classes > > Or maybe a good combination of both :-) > > Chaining? ;-) Sure, why not, but I think this is an implementation detail; first he has to decide which way to go, then, how to get there :-) Regards Leon - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Copying of properties vs. nested VO
Having a VO/BO with string- & strong-property getters and setters is IMHO a short cut through the UI / business domain interface. While the business domain is normally modelled using OO techniques, the view or user interface should be modelled using human behaviour analysis techniques that produce the best interface for users to get their work done efficiently, reflecting their mental model of what is going on. If you want a good app, you really should do some decent user interface design work on it. There would be an interface where business domain VOs / BOs are mapped onto user interface VOs via code. Your short-cut can cut through this, but if you do it everywhere, you run the risk of forcing your users to learn the business domain OO model which might be a huge leap away from their own mental model. That would lead to an inefficient user interface where the users take much longer to get up to speed, if they manage it at all. Not all users can think like geeks! Adam Michael Jouravlev on 18/07/05 19:02, wrote: Anyone in the mood to kick the dead horse again? I decided to compare two approaches to use/update data from Struts. I am obviously biased towards nested VO/BO, so maybe I left something out. [I] Property copying This one seems to be the default and "officially endorsed" Struts practice. 1) Create/Load data. Workflow: * To use existing data it is loaded from database into BO/VO, then BO/VO properties are copied to action form. * To create new data nothing special is performed, action form is just cleaned if it has session scope. Notes: * BO/VO usually has strongly typed properties. * Validation is usually performed in the action form. * Intermediate data is flying around action form/request/response. * Because of double data copying (from database to BO/VO, then from BO/VO to action form) it is tempting to avoid BO/VO altogether or to make it as dumb as possible. Thus, this approach usually uses struct-type VO instead of behavioral BO. 2) Modify data Current data is kept in the action form, usually having request scope. Notes: * Request-scoped action forms do not allow to use two-phase request processing 3) Store data Workflow: * Data is validated in the action form first, then copied to BO/VO * BO/VO validates business rules * BO/VO is stored in the database Notes: * Business rules are validated after data is copied from action form to BO/VO; inefficient. * In this approach BO/VO is usually treated like a persistent object (EJB-style), that is modifications to BO/VO are immediately reflected in database. [II] Using nested BO/VO 1) Create/Load data. Workflow: * To use existing data it is loaded from database into BO/VO; this BO/VO is detached from database, that is all changes to it do not affect persistent data. * To enter new data a new instance of BO/VO is created; it is detached as well. ID/PK can be generated on this stage or is created on "store" stage. * BO/VO is kept in the session, or stored as nested object in the action form, which has session scope. Notes: * BO/VO usually has string properties or double-type properties: string/strong. Another choice is to define action form's setters as string, and to set BO data from within them. * Validation is performed partly by the BO/VO, and partly by the action form. * Intermediate data is kept in the BO/VO; transient data is kept in the action form. * This approach better supports OO model; enforces usage of a real BO with behavioral methods. 2) Modify data Current data is kept in the BO nested in the action form; action form has session scope. HTML form can either use/set nested properties directly, or use action form's setters/getters, which convert data and set it in the nested BO. 3) Store data Workflow: * Transient data is validated by the action form. * Business data is validated by nested BO * BO/VO is stored in the database Two major questions is where to perform validation and type conversion. One opinion is to perform validation and type conversion in an action form, and to have strongly typed VOs. Another is to have string- or string/strong properties for BO, which may provide better flexibility for different web frameworks and clients (for web service, WML, VoiceXML, non-Struts - most rules are in one place despite of different UI). Transient property may be stored in the BO to have all validation rules in BO. Did I miss something or got something wrong? Michael. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Cross-site scripting filters
Not a problem...
http://javawebparts.sourceforge.net/javadocs/index.html
In the javawebparts.filter package, you should see the
CrossSiteScriptingFilter.
This will filter any incoming parameters, and optionally attributes (good
for if your forwarding somewhere) for a list of characters (you can alter
what it looks for via regex).
--
Frank W. Zammetti
Founder and Chief Software Architect
Omnytex Technologies
http://www.omnytex.com
On Mon, July 18, 2005 3:44 pm, Laurie Harper said:
> Thanks; I had a quick hunt through the Javadocs but couldn't see anything
> relevant. Can you give me a push in the right direction? ;-)
>
> L.
>
> Frank W. Zammetti wrote:
>
>> I have one as part of Java Web Parts
>> (http://javawebparts.sourceforge.net). Let me know if it suits your
>> needs
>> (and if not, let me know the shortcomings so I can expand it!)
>>
>> --
>> Frank W. Zammetti
>> Founder and Chief Software Architect
>> Omnytex Technologies
>> http://www.omnytex.com
>>
>> On Mon, July 18, 2005 2:28 pm, Laurie Harper said:
>>
>>>Does anyone know of a good, complete implementation of a cross-site
>>>scripting filter for pre-processing user entered text that needs to be
>>>rendered as HTML? Obviously / ${fn:escapeXml()} / etc. aren't
>>> the
>>>right solution ;-) but there's nothing in standard JSTL or Struts (that
>>> I
>>>know of) that is.
>>>
>>>Any pointers appreciated!
>>>
>>>L.
>>>--
>>>Laurie, Open Source advocate, Java geek and novice blogger:
>>>http://www.holoweb.net/laurie
>>>
>>>
>>>-
>>>To unsubscribe, e-mail: [EMAIL PROTECTED]
>>>For additional commands, e-mail: [EMAIL PROTECTED]
>>>
>>>
>
>
> --
> Laurie, Open Source advocate, Java geek and novice blogger:
> http://www.holoweb.net/laurie
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Iterate over list in in list in form bean.
Mike Elliott wrote the following on 7/18/2005 10:55 AM: I've been beating my head against this all weekend to no avail. I understand how to do this in session scope, but don't know if it's even possible in request scope. As I understand things (which may be wrong), when the form is submitted (in request scope) a new form bean is created and populated with the values in the collection from the HTML form. But, of course, a newly created form won't know how many elements are in the form so it can't pre-populate the collection with beans to be filled in. Right? I'm still not totally clear where the problem is, since I'm not sure what Session has to do with the initial setup of the form. It might help if you let us know what the exact problem is when using request scope... 1) A problem when you submit the form and getting 'index' problems showing up in the logs? 2) Is it making sure the nested structure is still there when validation fails? I'm confused because you mention "But, of course, a newly created form won't know how many elements are in the form so it can't pre-populate the collection with beans to be filled in." This statement confused me because you seem to be implying it works when it's in Session which doesn't make sense since even with a Session scoped form you still need to some initial population somewhere. Typically I feel you should always go to some sort of "setUp" action or dispatch method BEFORE you ever forward to a form. Initially you can often skip this step but later on there will be something you want to 'do' before you get to the form anyway so I find it good practice to go to a 'set up' first. For the two problems listed above the link Naill posted is good http://wiki.apache.org/struts/StrutsCatalogLazyList (and I just recently added to that link the way I like to do it). Let us know if you can't get it to work. I have to use Nested stuff all the time, so I'll be able to help. -- Rick - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Copying of properties vs. nested VO
On 7/18/05, Adam Hardy <[EMAIL PROTECTED]> wrote: > While the business domain is normally modelled using OO techniques, the > view or user interface should be modelled using human behaviour analysis > techniques that produce the best interface for users to get their work > done efficiently, reflecting their mental model of what is going on. ... > If you do [the business/UI shortcut] everywhere, you run the risk > of forcing your users to learn the business domain OO model > which might be a huge leap away from their own mental model. While I may agree that business model may differ from UI model, I cannot agree with the idea that they *should* be different. The first principle of OOP is that program objects reflect actual life objects. Department, employee, order, order items, etc. These are things that people work with, and these should be modeled by domain model. For example, we have department and employees. Or an order and order items. I think everyone would model it as Order-1:M-Item. What does a user work with? Same order and order items. What does a user expect to see? An order and items, corresponding to it. Of course, there are reference tables/objects, there are additional tables to ensure M:M relationship, there is a lot of plumbing behind. But a user does not work with plubming objects, unless it is a combobox with options. For example, Outlook Express. We have Folders with typed items like emails or news or forums. For each forum item there is a list of messages. For messages there is view preferences, sort order, and such. So, Folders and messages are definetely business objects. View preferences... that depends, but considering that OE's data model is specifically built for user interaction, view preferences can be stored along with each forum/message list as business object. I am not convinced that UI should be *that* different from domain model. Do you have examples? Michael. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Cancel and Populating...
I have a Cancel Button in my page... when it's submit, populating error occurs... In jsf, it's solutionated by the immediante attribute to false. How is in struts?... (When Cancel, i want forward to another page... nothing more :) ) -- Mariano G. Petrakovsky Programmer · Software Factory AXG Tecnonexo - www.tecnonexo.com Development facilities:Av. Maipú 1252 8º (C1006ACT) · Buenos Aires · Argentina. Tel.: (54-11) 4878-0005 - Fax: (54-11) 4878-0065. Headquarters: 1604 Spring Hill Road, Suite 160 Vienna · VA 22182 · USA. Tel.: (202) 986-7541 - Fax: (202) 787-3891. · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Iterate over list in in list in form bean.
On 7/18/05, Mike Elliott <[EMAIL PROTECTED]> wrote: > > Well I could see for large forms with nested data it might not be a > > great idea to keep these around in the Session. I 'try' to stick to > > using the Request when I can but I don't bend over backwards like > > some do on this list to avoid the Session.. I'm in "The Session is your > > friend" camp:). Request will work fine however for Mike's situation. He > > just needs to wrap his collection in his ActionForm around a LazyList > > (or he can use a regular list and do the handcranking approach of > > incrementing the size when needed in the getList property in his form. > > LazyList is cleaner, though). > > Request is required for my situation -- the user can have multiple > versions of the same page active in the same session. That's what > drove me away from the 'working' session scope bean -- I had users who > were messing up the session scoped bean by opening the same page > multiple times and making modifications. Wicket has versioning for situations like this. I am thinking, does it make sense to create versioned action forms for Struts? Michael. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How do you create a Validator rule to compare 3 fields
Harland, David wrote: I have three checkboxes that can all either be unchecked or only one can be checked. How do I create a Validator rule for this. I don't think it is possible to do this neatly as I think you will always get more than one of the same error message. Can someone please tell me if I am right. You may be able to do what you want with validwhen, though it might get a bit hairy. If only one checkbox should be selected, maybe you could use radio buttons instead? Failing that, you may need to plug in your own custom validator (see [1] for details). [1] http://struts.apache.org/userGuide/dev_validator.html Thanks Dave. This e mail is from DLA Piper Rudnick Gray Cary UK LLP. [... ad nauseum] Sigh. L. -- Laurie, Open Source advocate, Java geek and novice blogger: http://www.holoweb.net/laurie - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Manually Instantiating Action classes
On 7/18/05, Leon Rosenberg <[EMAIL PROTECTED]> wrote: > First choice action hierarchy > Second choice helper classes > Or maybe a good combination of both :-) Chaining? ;-) - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Iterate over list in in list in form bean.
> Well I could see for large forms with nested data it might not be a > great idea to keep these around in the Session. I 'try' to stick to > using the Request when I can but I don't bend over backwards like > some do on this list to avoid the Session.. I'm in "The Session is your > friend" camp:). Request will work fine however for Mike's situation. He > just needs to wrap his collection in his ActionForm around a LazyList > (or he can use a regular list and do the handcranking approach of > incrementing the size when needed in the getList property in his form. > LazyList is cleaner, though). Request is required for my situation -- the user can have multiple versions of the same page active in the same session. That's what drove me away from the 'working' session scope bean -- I had users who were messing up the session scoped bean by opening the same page multiple times and making modifications. I don't see LazyList as any cleaner. You have to add one method in either case. With LazyList you have to implement Factory then add the create() method. Extending ArrayList you have to implement a new get(). I'll stick with the latter. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Name of the form
I need to instantiate a form that is not associated with my particular action and place it on the request before forwarding... Right now I have to hardcode the name of the form as the key into the request scope. I know that you can get the configured name of the form that IS associated with your action by doing mapping.getAttribute(). However, how do I get the configured name of the form with just knowing the fully qualified class name? Is there a way to do this? Are there any other suggestion as to how NOT to hardcode the name of the form. Thanks, NG - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Cross-site scripting filters
Thanks; I had a quick hunt through the Javadocs but couldn't see anything
relevant. Can you give me a push in the right direction? ;-)
L.
Frank W. Zammetti wrote:
I have one as part of Java Web Parts
(http://javawebparts.sourceforge.net). Let me know if it suits your needs
(and if not, let me know the shortcomings so I can expand it!)
--
Frank W. Zammetti
Founder and Chief Software Architect
Omnytex Technologies
http://www.omnytex.com
On Mon, July 18, 2005 2:28 pm, Laurie Harper said:
Does anyone know of a good, complete implementation of a cross-site
scripting filter for pre-processing user entered text that needs to be
rendered as HTML? Obviously / ${fn:escapeXml()} / etc. aren't the
right solution ;-) but there's nothing in standard JSTL or Struts (that I
know of) that is.
Any pointers appreciated!
L.
--
Laurie, Open Source advocate, Java geek and novice blogger:
http://www.holoweb.net/laurie
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Laurie, Open Source advocate, Java geek and novice blogger:
http://www.holoweb.net/laurie
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
submit form
How can I submit html:form by pressing CTRL+S ? -- regards, Sergey mailto:[EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: submit form
Sergey try "javascript:testKeyCode(evt)" onclick = "javascript:testKeyCode(evt)" />
Re: submit form
The short and not v.helpful response is you can't submit - its just a JSP tag that renders a HTML element and has nothing to do with the submit process. Some of the Struts tags have the "accesskey" attribute which defines a key that can be used with the accelerator key (usually ALT) to invoke a form control. So if you use the struts submit tag you could do something like... Niall - Original Message - From: "Sergey Livanov" <[EMAIL PROTECTED]> Sent: Monday, July 18, 2005 8:36 PM > How can I submit html:form by pressing CTRL+S ? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Manually Instantiating Action classes
In the process of writing an Action class, I realized that it needs some application functionality (not general utility kinda functionality) that is already part of a method in a different Action class. So, Action MyAction1 needs to access method myMethod2 in Action MyAction2. Here are the options that I could think of: 1. Instantiate the MyAction2 class manually and access the myMethod2. 2. Create a Helper class and move the funcationality there so that both the classes could use it. I cannot put this in a separate parent class and extend MyAction1 and MyAction2 from it because I already have another Action class that all Actions extend from and I would like to adhere to it...if possible. What is a better way in this scenario? In particular, is it bad to manually instantiate Action classes? Thanks! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Iterate over list in in list in form bean.
On 7/18/05, Rick Reumann <[EMAIL PROTECTED]> wrote: > Michael Jouravlev wrote the following on 7/18/2005 3:59 PM: > > > ActionForm.reset() for session-scoped forms, ActionForm.ActionForm() > > for request-scoped forms. I do not remeber, if reset() is called for > > request-scoped forms. > > Yes, reset is always called when the form submits. I know I mentioned in > this in another post but I would disagree with repopulating your beans > in the reset() UNLESS... you did adopt the whole ball of wax the way you > have designed your stuff Michael. In other words if you go with your > approach of the form beans doing other stuff than holding user input, > than you can go ahead and mess with the reset doing that kind of stuff, > but if Mike is sticking to 'typical' Struts than I wouldn't recommend > repopulating in the reset. 'Typical' is not always better. I am finishing rewriting Mail Reader using my approach, and it looks much cleaner, at least to me ;) and is more robust. I understand that having session objects opens a whole can of worms related to garbage-collecting of abandoned objects, and Struts does not have this facility. I saw a project which does just that, but cannot find it now ;( Michael. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [FRIDAY] What technology do you use for authentication and authorization?
Craig McClanahan wrote the following on 7/16/2005 1:03 AM: For maximum positive benefit to the world, please cc your responses both here Asked someone on our team (not on the Struts list) who handles the authentication stuff for our applications and he came up with: - Here's my Servlet API wishlist for authentication: * Standard support for custom authenticators: To integrate with SiteMinder, currently we use Tomcat's custom authenticator support which is a bit of a "hack" (applying the nicest possible term). * Standard way of accessing permission groups beyond "Roles": We have a custom JAAS login module to load account and access information from various sources. Currently to access data beyond the "Roles" group we have to make a separate call after the user logs in because there is no standard way of accessing other permission groups. * +1 on self-registration and "remember me" Beyond authentication: * Async NIO support * Standard FTPServlet * Apache-style rewrite rules -- - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Manually Instantiating Action classes
a k wrote: What is a better way in this scenario? In particular, is it bad to manually instantiate Action classes? I don't know if it's "bad" per se, but if it's shared functionality then from an architectural standpoint I would think it'd better to move it into a helper class. Dave - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Manually Instantiating Action classes
Agreed with dave, But maybe another point, You said you already have a class all actions extend, right? Is it said somewhere that the actions can extend one class only? I mean, if it's needed by the architecture, you can create a whole action hierarchy... And if you'd need multiple inheritance - use delegates :-) As to you another option, I know different people on this list like to instantiate actions directly, but as for me, it's forbidden in my team, because it brings a lot of problems with ressource sharing if you count to instantiate an action once, and do it multiple times. So in my opinion: First choice action hierarchy Second choice helper classes Or maybe a good combination of both :-) Regards Leon > -Ursprüngliche Nachricht- > Von: Dave Newton [mailto:[EMAIL PROTECTED] > Gesendet: Montag, 18. Juli 2005 23:18 > An: Struts Users Mailing List > Betreff: Re: Manually Instantiating Action classes > > a k wrote: > > >What is a better way in this scenario? In particular, is it bad to > >manually instantiate Action classes? > > > > > I don't know if it's "bad" per se, but if it's shared > functionality then from an architectural standpoint I would > think it'd better to move it into a helper class. > > Dave > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Manually Instantiating Action classes
Agreed with dave, But maybe another point, You said you already have a class all actions extend, right? Is it said somewhere that the actions can extend one class only? I mean, if it's needed by the architecture, you can create a whole action hierarchy... And if you'd need multiple inheritance - use delegates :-) As to you another option, I know different people on this list like to instantiate actions directly, but as for me, it's forbidden in my team, because it brings a lot of problems with ressource sharing if you count to instantiate an action once, and do it multiple times. So in my opinion: First choice action hierarchy Second choice helper classes Or maybe a good combination of both :-) Regards Leon > -Ursprüngliche Nachricht- > Von: Dave Newton [mailto:[EMAIL PROTECTED] > Gesendet: Montag, 18. Juli 2005 23:18 > An: Struts Users Mailing List > Betreff: Re: Manually Instantiating Action classes > > a k wrote: > > >What is a better way in this scenario? In particular, is it bad to > >manually instantiate Action classes? > > > > > I don't know if it's "bad" per se, but if it's shared > functionality then from an architectural standpoint I would > think it'd better to move it into a helper class. > > Dave > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[OT] Cross-site scripting filters
Does anyone know of a good, complete implementation of a cross-site
scripting filter for pre-processing user entered text that needs to be
rendered as HTML? Obviously / ${fn:escapeXml()} / etc. aren't the
right solution ;-) but there's nothing in standard JSTL or Struts (that I
know of) that is.
Any pointers appreciated!
L.
--
Laurie, Open Source advocate, Java geek and novice blogger:
http://www.holoweb.net/laurie
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: Cancel and Populating...
Mariano Petrakovsky wrote: I have a Cancel Button in my page... when it's submit, populating error occurs... In jsf, it's solutionated by the immediante attribute to false. How is in struts?... (When Cancel, i want forward to another page... nothing more :) ) What error do you get on submit? Do you mean you get validation errors? If so and you're using he Validator framework, you can use to render your cancel button, which will turn off validation when it's clicked. See: http://struts.apache.org/userGuide/struts-html.html#cancel · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · Here are some more for your collection: . . . . . . . :-) -- Laurie, Open Source advocate, Java geek and novice blogger: http://www.holoweb.net/laurie - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Cancel and Populating...
Mariano- I take you have already identified your ActionForwards with something like this in your struts-config.xml? Saludos Cordiales, M- - Original Message - From: "Mariano Petrakovsky" <[EMAIL PROTECTED]> To: "Lista de correo de Struts" Sent: Monday, July 18, 2005 2:52 PM Subject: Cancel and Populating... I have a Cancel Button in my page... when it's submit, populating error occurs... In jsf, it's solutionated by the immediante attribute to false. How is in struts?... (When Cancel, i want forward to another page... nothing more :) ) -- Mariano G. Petrakovsky Programmer · Software Factory AXG Tecnonexo - www.tecnonexo.com Development facilities:Av. Maipú 1252 8º (C1006ACT) · Buenos Aires · Argentina. Tel.: (54-11) 4878-0005 - Fax: (54-11) 4878-0065. Headquarters: 1604 Spring Hill Road, Suite 160 Vienna · VA 22182 · USA. Tel.: (202) 986-7541 - Fax: (202) 787-3891. · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · · - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How do you create a Validator rule to compare 3 fields
At 1:36 PM -0400 7/18/05, Laurie Harper wrote: Harland, David wrote: I have three checkboxes that can all either be unchecked or only one can be checked. How do I create a Validator rule for this. I don't think it is possible to do this neatly as I think you will always get more than one of the same error message. Can someone please tell me if I am right. You may be able to do what you want with validwhen, though it might get a bit hairy. If only one checkbox should be selected, maybe you could use radio buttons instead? Failing that, you may need to plug in your own custom validator (see [1] for details). There is an open Bugzilla ticket which offers a powerful "expression" validator to Struts; it was written by one of my colleagues, and I think it's pretty hot stuff. There are some discussions underway about the best way to add it to Struts right now, but in the meantime, if you were so motivated, you could pick your way through the ticket and apply the patches to your own project. It works well and once you have it implemented, it's quite straightforward (much more so, in my opinion, than "validwhen" or "requiredif"). If you just create all the specified new classes in your project's own package space and add dependencies to a few things, you should be all set. See http://issues.apache.org/bugzilla/show_bug.cgi?id=34849 Joe -- Joe Germuska [EMAIL PROTECTED] http://blog.germuska.com "Narrow minds are weapons made for mass destruction" -The Ex - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [OT] Cross-site scripting filters
Frank W. Zammetti wrote: Not a problem... http://javawebparts.sourceforge.net/javadocs/index.html In the javawebparts.filter package, you should see the CrossSiteScriptingFilter. This will filter any incoming parameters, and optionally attributes (good for if your forwarding somewhere) for a list of characters (you can alter what it looks for via regex). Ah, I initially skipped that package, thinking a servlet filter wasn't really what I was after. Browsing through the code, it seems I was right. For one thing, I want to filter text on output, not filter request parameters on input. But more important, your filter only checks for (and rejects) anything with a few particular characters -- all of which are valid in most cases from an XSS-prevention standpoint. For what it's worth, injecting XSS attacks through that filter is pretty easy. For example, the following wouldn't be caught: I'm hoping I can find something that addresses all the nefarious XSS strategies out there. It's not easy to implement something that's complete, especially when you try to deal with embedded CSS in the HTML you're trying to sanitize...! Thanks for the link though :-) -- Laurie, Open Source advocate, Java geek and novice blogger: http://www.holoweb.net/laurie - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: instantiation of actionforms in session scope
There could be several poteintal problems. 1) make sure the JSP does not have the session=false page directive set. 2) Make sure you are referencing the form using the same name as you have it defined in the struts config (remember capitalization does count). 3) Make sure you are accessing the form from within the html:form tag and that the struts action specified in the form action has the expected form as the type in the struts config. Martin Morawetz <[EMAIL PROTECTED]> Martin Morawetz <[EMAIL PROTECTED]> 07/18/2005 12:57 PM Please respond to "Struts Users Mailing List" To user@struts.apache.org cc Subject instantiation of actionforms in session scope Hi to all, I use a formbean within session-scope (declared in struts-config.xml). However it behaves like it would be within request-scope. Every new page it gets instantiated again. I checked the sessionid and it is every page the same, so I guess am within the same http-session. Does anyone have some ideas what the reason may be? Every hint is highly appreciated. -- Regards Martin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How do you create a Validator rule to compare 3 fields
Have you considered using radio buttons instead of checkboxes? From a
UI standpoint, I think that would make more sense.
That aside, I do not know of any easy way to do this sort of
validation using the Validator plugin. I would override the validate
method in my action form for just those properties:
public class CustomForm extends ValidatorActionForm {
// Getters / setters
public ActionErrors validate(mapping, request) {
ActionErrors errors = super.validate(mapping,request); // this will
use the Validator framework
if (!checkbox1 && !checkbox2 && !checkbox3) return errors;
if ((checkbox1 && (checkbox2 || checkbox3)) ||
(checkbox2 && checkbox3) {
// add an ActionError to errors here
}
return errors;
}
}
-- Jeff
On 7/18/05, Harland, David <[EMAIL PROTECTED]> wrote:
> I have three checkboxes that can all either be unchecked or only one can
> be checked.
>
> How do I create a Validator rule for this. I don't think it is possible
> to do this neatly as I think you will always get more than one of the
> same error message. Can someone please tell me if I am right.
>
> Thanks
>
> Dave.
>
> This e mail is from DLA Piper Rudnick Gray Cary UK LLP.
>
> The contents of this email and any attachments are confidential to the
> intended recipient. They may not be disclosed to or used by or copied in any
> way by anyone other than the intended recipient. If this email is received in
> error, please contact DLA Piper Rudnick Gray Cary UK LLP on +44 (0) 8700
> 11 quoting the name of the sender and the email address to which it has
> been sent and then delete it.
>
> Please note that neither DLA Piper Rudnick Gray Cary UK LLP nor the sender
> accept any responsibility for viruses and it is your responsibility to scan
> or otherwise check this email and any attachments.
>
> DLA Piper Rudnick Gray Cary UK LLP is a limited liability partnership
> registered in England and Wales (registered number OC307847) which provides
> services from offices in England, Belgium, Germany and the People's Republic
> of China. A list of members is open for inspection at its registered office
> and principal place of business 3 Noble Street, London EC2V 7EE. Partner
> denotes member of a limited liability partnership.
>
> DLA Piper Rudnick Gray Cary UK LLP is regulated by the Law Society and is a
> member of DLA Piper Rudnick Gray Cary, a global legal services organisation,
> the members of which are separate and distinct legal entities. For further
> information, please refer to www.dlapiper.com.
>
>
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: saving a DynaForm
Dewitte Rémi wrote: Hello ! I uses LazyDynaForm to gather user results. Now I'd like to save those results. All persisence framework are for POJO, do you know a common solution ? May I create a POJO to make the transition/link ? It all depends on your requirements and what persistence technologies you want to use. As Martin said, your LazyDynaForms are Serializable so you can write them to an object stream as with any other Serializable class. Many persistence frameworks, including (most?) ORM tools can persist Serializable instances directly. Your other option is to define a concrete POJO which you can map to persistent storage using your chosen solution and copy data from your LazyDyanForm into your POJO prior to persisting. BeanUtils can make it pretty trivial (sometimes as little as a single line of code) to manage the copying of data between form beans and POJOs. If that doesn't help, you might want to post a more detailed description of what you want to do. L. -- Laurie, Open Source advocate, Java geek and novice blogger: http://www.holoweb.net/laurie - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: I need help running an example
Stéphane Zuckerman wrote: First of all, you should understand that using JBoss, Tomcat (which implicitly is run under JBoss), or any other application server doesn't change anything. If you embed the right libraries (jar, ear, war, whatever), everything should work fine for your server. Anything else is a problem coming from your web app. Not necessarily. The code snipet below is checking for an authenticated user's authroized roles. If the app is depending on contain managed security, it's dependant on vendor-specific configuration. Simply deploying the war file isn't enough to get it working. This piece of code just means that if the role "Administrator" has been defined for the current user, then it should display the "submit" button. Otherwise, the submit does nothing. Right. So you need to follow the documentation supplied with the application and/or look up the relevant info in the JBoss docs on setting up the required users and roles. L. -- Laurie, Open Source advocate, Java geek and novice blogger: http://www.holoweb.net/laurie - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
instantiation of actionforms in session scope
Hi to all, I use a formbean within session-scope (declared in struts-config.xml). However it behaves like it would be within request-scope. Every new page it gets instantiated again. I checked the sessionid and it is every page the same, so I guess am within the same http-session. Does anyone have some ideas what the reason may be? Every hint is highly appreciated. -- Regards Martin - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: How do you create a Validator rule to compare 3 fields
Pardon the non-answer (and I would encourage anyone who knows how to validate interdependent checkboxes to respond), but ordinarily using four radio buttons (the fourth being a "none" radio button, selected by default) would be the more standard GUI choice, and one for which you can forgo validation. Still, if you go with validating & returning errors on checkboxes, note that checkbox state retention issues may need to be tended to, as described from page 123 of the Struts Survival Guide[1]. Glen [1] http://www.objectsource.com/Struts_Survival_Guide.pdf Harland, David wrote: I have three checkboxes that can all either be unchecked or only one can be checked. How do I create a Validator rule for this. I don't think it is possible to do this neatly as I think you will always get more than one of the same error message. Can someone please tell me if I am right. Thanks Dave. This e mail is from DLA Piper Rudnick Gray Cary UK LLP. The contents of this email and any attachments are confidential to the intended recipient. They may not be disclosed to or used by or copied in any way by anyone other than the intended recipient. If this email is received in error, please contact DLA Piper Rudnick Gray Cary UK LLP on +44 (0) 8700 11 quoting the name of the sender and the email address to which it has been sent and then delete it. Please note that neither DLA Piper Rudnick Gray Cary UK LLP nor the sender accept any responsibility for viruses and it is your responsibility to scan or otherwise check this email and any attachments. DLA Piper Rudnick Gray Cary UK LLP is a limited liability partnership registered in England and Wales (registered number OC307847) which provides services from offices in England, Belgium, Germany and the People's Republic of China. A list of members is open for inspection at its registered office and principal place of business 3 Noble Street, London EC2V 7EE. Partner denotes member of a limited liability partnership. DLA Piper Rudnick Gray Cary UK LLP is regulated by the Law Society and is a member of DLA Piper Rudnick Gray Cary, a global legal services organisation, the members of which are separate and distinct legal entities. For further information, please refer to www.dlapiper.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Iterate over list in in list in form bean.
Good Morning Mike There are a Number of options for implementing with request scope and manual validation explained by Rick Reumann http://www.reumann.net/struts/articles/request_lists.jsp I think its worth noting what Thomas Edison said of weekend warriors "I have not failed. I've just found 10,000 ways that won't work."-- Thomas Edison - Original Message - From: "Mike Elliott" <[EMAIL PROTECTED]> To: "Struts Users Mailing List" Sent: Monday, July 18, 2005 10:55 AM Subject: Re: Iterate over list in in list in form bean. On 7/13/05, Jörg Eichhorn <[EMAIL PROTECTED]> wrote: thanks for the hint and example. I've choosen the nested way to do this, because i think this makes the jsp code more readable. I there a way to do the same using request scope? When i do this i get an exception because the collection is not re-filled anymore. This is the same question I have, but of course I'm a week late in asking it. However, I noticed that no one answered Jörg's version so I'll ask it again: Is there a way to do the same using request scope? I've been beating my head against this all weekend to no avail. I understand how to do this in session scope, but don't know if it's even possible in request scope. As I understand things (which may be wrong), when the form is submitted (in request scope) a new form bean is created and populated with the values in the collection from the HTML form. But, of course, a newly created form won't know how many elements are in the form so it can't pre-populate the collection with beans to be filled in. Right? So following this path leads to wailing, lamentation, gnashing of teeth, rending of clothes and utter frustration. Right? If there is simply no way to do this, I'd really appreciate someone letting me know so that I'm put out of my misery. And, if someone could suggest a workaround, I'd be most welcome. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: basic struts question using a Map in an ActionForm
On 7/18/05, Rick Reumann <[EMAIL PROTECTED]> wrote: > To me, this is very confusing. Why doesn't the html:property tag perform > the same kind of logic as JSTL does? I would think I should be able to > just do... > > > > and not need to create a new accessor method name and the odd syntax (x) ? > This is likely to be an artifact that the expression language syntax used by and friends, inherited from Commons BeanUtils, preceeded the existence of the expression language used in JSTL by a couple of years. JSTL's (and JSF's ... uses the same evaluation engine) expression languages are much more powerful and complete. > Rick Craig - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Nested Bean Validation
On 7/18/05, Scott Purcell <[EMAIL PROTECTED]> wrote: > So my question is as follows: > When using struts, is a nested bean common? And if so, how do you validate > just one bean from the parent? > > eg: Lets say that the bean lets call it "checkout" and inside it has the > users shipping information. So that bean will be called "shippinginfo" > So the bean checkout has a shippinginfo bean in it. Now when the user > navigates to the html form where he can update the shippinginfo, contents, I > need to validate the shippinginfo, that exists inside checkout. > > Can this be done, and if so is this the clean way to accomplish my task. Up > until now, I have basically created one bean, per html form so this is kind > of new to me. Yes. It is easy to do. You use the same property reference syntax for nested bean properties in your validation.xml file that you would use to populate form fields automatically for your nested bean properties using the Struts html taglib. For example, here is partial validation.xml form element definition that specifies that the "city" property of the nested "shippinginfo" bean is a required property: ... > > Thanks, > Scott -Van -- - Mike "Van" Riper [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Iterate over list in in list in form bean.
There are ways to resolve this, see this page on the wiki http://wiki.apache.org/struts/StrutsCatalogLazyList Niall - Original Message - From: "Mike Elliott" <[EMAIL PROTECTED]> Sent: Monday, July 18, 2005 3:55 PM On 7/13/05, Jörg Eichhorn <[EMAIL PROTECTED]> wrote: > thanks for the hint and example. I've choosen the nested way to do this, > because i > think this makes the jsp code more readable. > > I there a way to do the same using request scope? > When i do this i get an exception because the collection is not re-filled > anymore. This is the same question I have, but of course I'm a week late in asking it. However, I noticed that no one answered Jörg's version so I'll ask it again: Is there a way to do the same using request scope? I've been beating my head against this all weekend to no avail. I understand how to do this in session scope, but don't know if it's even possible in request scope. As I understand things (which may be wrong), when the form is submitted (in request scope) a new form bean is created and populated with the values in the collection from the HTML form. But, of course, a newly created form won't know how many elements are in the form so it can't pre-populate the collection with beans to be filled in. Right? So following this path leads to wailing, lamentation, gnashing of teeth, rending of clothes and utter frustration. Right? If there is simply no way to do this, I'd really appreciate someone letting me know so that I'm put out of my misery. And, if someone could suggest a workaround, I'd be most welcome. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: basic struts question using a Map in an ActionForm
Rick Reumann wrote the following on 7/14/2005 4:26 PM:
Rick Reumann wrote the following on 7/14/2005 4:20 PM:
From the FAQ I'm going to try this in my ActionForm..
public Object getStringMapped(String key) {
return map.get(key);
}
public void setStringMapped(String key, Object value) {
map.put(key, value);
}
When in doubt look at the docs:)
The above worked fine..and then...
In relation to the above, I'm curious what is going on behind the scenes
(yea too lazy to look it up:), because I'm curious why the ActionForm
doesn't behave like a regular POJO with JSTL.
For example... using JSTL and my POJO I'm doing this ..
YET, when I have to use this property in my form I need to create an
extra getter "getMetadataMapped" and the property becomes...
To me, this is very confusing. Why doesn't the html:property tag perform
the same kind of logic as JSTL does? I would think I should be able to
just do...
and not need to create a new accessor method name and the odd syntax (x) ?
--
Rick
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Nested Bean Validation
Hello, I would like some input into the following situation. I am diagraming a bean that will hold data for a checkout. Basically it will be a bean that will hold user_information, shipping_information, etc. So in effect the bean will hold other beans. So my question is as follows: When using struts, is a nested bean common? And if so, how do you validate just one bean from the parent? eg: Lets say that the bean lets call it "checkout" and inside it has the users shipping information. So that bean will be called "shippinginfo" So the bean checkout has a shippinginfo bean in it. Now when the user navigates to the html form where he can update the shippinginfo, contents, I need to validate the shippinginfo, that exists inside checkout. Can this be done, and if so is this the clean way to accomplish my task. Up until now, I have basically created one bean, per html form so this is kind of new to me. Thanks, Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Calling validator rule direct from code
Thanks for this. I think Im going to have to go a bit outside of standard Struts functionality to do what I need to do but the validator is part of commons now of course so I can make code level calls that way. Quoting Martin Gainty <[EMAIL PROTECTED]>: > Good Morning Charles > >From what I can gather there are 4 scenarios to instantiate a form > and > handle validation > http://mail-archives.apache.org/mod_mbox/struts-user/200407.mbox/% [EMAIL PROTECTED] > > If you decide to use option D) DynaValidatorForm then > Take a look at Rick Reumann's site for example of usage > http://www.reumann.net/struts/lesson3/step4.do > HTH, > Martin- > > - Original Message - > From: <[EMAIL PROTECTED]> > To: "Struts Users Mailing List" > Sent: Monday, July 18, 2005 7:11 AM > Subject: Calling validator rule direct from code > > > > Hi, > > > > Using Tomcat 5, I have an application which builds a multipage > web > > form based on data from a database and user input. I'd like to be > able > > to use the validtator to it but can't determine the required > fields > > until run time. I was wondering how I could use the pre-build > > validator rules in this situation. It is possible to explicitly > call a > > validator rule directly from a servlet.For example suppose I > wanted > > to call the date validation rule passing it a string containing a > date > > field and a datePattern of mm/dd/. Can this be done? If so > does > > anyone have an example? Or is there another way of solving this? > > > > > > Thanks, > > > > Charles > > > > > > > - > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Iterate over list in in list in form bean.
On 7/13/05, Jörg Eichhorn <[EMAIL PROTECTED]> wrote: > thanks for the hint and example. I've choosen the nested way to do this, > because i > think this makes the jsp code more readable. > > I there a way to do the same using request scope? > When i do this i get an exception because the collection is not re-filled > anymore. This is the same question I have, but of course I'm a week late in asking it. However, I noticed that no one answered Jörg's version so I'll ask it again: Is there a way to do the same using request scope? I've been beating my head against this all weekend to no avail. I understand how to do this in session scope, but don't know if it's even possible in request scope. As I understand things (which may be wrong), when the form is submitted (in request scope) a new form bean is created and populated with the values in the collection from the HTML form. But, of course, a newly created form won't know how many elements are in the form so it can't pre-populate the collection with beans to be filled in. Right? So following this path leads to wailing, lamentation, gnashing of teeth, rending of clothes and utter frustration. Right? If there is simply no way to do this, I'd really appreciate someone letting me know so that I'm put out of my misery. And, if someone could suggest a workaround, I'd be most welcome. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: saving a DynaForm
Rémi The Base Class of LazyDynaForm is ActionForm .. to quote the doc on ActionForm ActionForms are JavaBeans, subclasses should also implement Serializable, as required by the JavaBean specification Implementing Serializable interface would effectively 'save' your LazyDynaForm attributes Anyone else ?? Bon Chance, Martin- - Original Message - From: "Dewitte Rémi" <[EMAIL PROTECTED]> To: "Struts Users Mailing List" Sent: Monday, July 18, 2005 11:41 AM Subject: saving a DynaForm Hello ! I uses LazyDynaForm to gather user results. Now I'd like to save those results. All persisence framework are for POJO, do you know a common solution ? May I create a POJO to make the transition/link ? Thanks - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Token element wrapped with a div tag
Thanks Niall for your time and patience. - Glenn "Niall Pemberton" <[EMAIL PROTECTED]> 18/07/2005 10:33 AM Please respond to "Struts Users Mailing List" To "Struts Users Mailing List" cc Subject Re: Token element wrapped with a div tag Sorry, my reply wasn't very verbose. That bug is fixed in Version 1.2.7 - which is why you're seeing the elements. Generally we're not very good at actually "closing" bugs - once they're marked as "RESOLVED" they don't generally get any more attention. So if you see "RESOLVED FIXED" then it means its been done. Finding out whether a fix has made it into a released version or is just currently in the current svn repository is another matter. The release notes usually contain details of fixed bugs so thats probably the easiest way, if you know the bug number. http://struts.apache.org/userGuide/release-notes.html Niall - Original Message - From: <[EMAIL PROTECTED]> To: "Struts Users Mailing List" Sent: Monday, July 18, 2005 1:55 PM Subject: Re: Token element wrapped with a div tag > Thanks Niall. > > It did not occur to me to check the ASF Bugzilla for Struts [I will > remember for the next time]. > I'm not familiar with the Status... since it is not yet closed.. this > means that the bug is not yet fixed in version 1.2.7 ? > > - Glenn > > > "Niall Pemberton" <[EMAIL PROTECTED]> > 18/07/2005 08:38 AM > > http://issues.apache.org/bugzilla/show_bug.cgi?id=32016 > > Niall > > - Original Message - > From: <[EMAIL PROTECTED]> > Sent: Thursday, July 14, 2005 4:11 PM > > > > Hi, > > > > Just curious as to why in the JSP the token is wrapped in a div tag? > > > > > value="383952ea7a0093448e02f3f0d635865b"> > > > > I'm using v1.2.7. > > > > Regards, > > Glenn - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
How do you create a Validator rule to compare 3 fields
I have three checkboxes that can all either be unchecked or only one can be checked. How do I create a Validator rule for this. I don't think it is possible to do this neatly as I think you will always get more than one of the same error message. Can someone please tell me if I am right. Thanks Dave. This e mail is from DLA Piper Rudnick Gray Cary UK LLP. The contents of this email and any attachments are confidential to the intended recipient. They may not be disclosed to or used by or copied in any way by anyone other than the intended recipient. If this email is received in error, please contact DLA Piper Rudnick Gray Cary UK LLP on +44 (0) 8700 11 quoting the name of the sender and the email address to which it has been sent and then delete it. Please note that neither DLA Piper Rudnick Gray Cary UK LLP nor the sender accept any responsibility for viruses and it is your responsibility to scan or otherwise check this email and any attachments. DLA Piper Rudnick Gray Cary UK LLP is a limited liability partnership registered in England and Wales (registered number OC307847) which provides services from offices in England, Belgium, Germany and the People's Republic of China. A list of members is open for inspection at its registered office and principal place of business 3 Noble Street, London EC2V 7EE. Partner denotes member of a limited liability partnership. DLA Piper Rudnick Gray Cary UK LLP is regulated by the Law Society and is a member of DLA Piper Rudnick Gray Cary, a global legal services organisation, the members of which are separate and distinct legal entities. For further information, please refer to www.dlapiper.com. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Token element wrapped with a div tag
Sorry, my reply wasn't very verbose. That bug is fixed in Version 1.2.7 - which is why you're seeing the elements. Generally we're not very good at actually "closing" bugs - once they're marked as "RESOLVED" they don't generally get any more attention. So if you see "RESOLVED FIXED" then it means its been done. Finding out whether a fix has made it into a released version or is just currently in the current svn repository is another matter. The release notes usually contain details of fixed bugs so thats probably the easiest way, if you know the bug number. http://struts.apache.org/userGuide/release-notes.html Niall - Original Message - From: <[EMAIL PROTECTED]> To: "Struts Users Mailing List" Sent: Monday, July 18, 2005 1:55 PM Subject: Re: Token element wrapped with a div tag > Thanks Niall. > > It did not occur to me to check the ASF Bugzilla for Struts [I will > remember for the next time]. > I'm not familiar with the Status... since it is not yet closed.. this > means that the bug is not yet fixed in version 1.2.7 ? > > - Glenn > > > "Niall Pemberton" <[EMAIL PROTECTED]> > 18/07/2005 08:38 AM > > http://issues.apache.org/bugzilla/show_bug.cgi?id=32016 > > Niall > > - Original Message - > From: <[EMAIL PROTECTED]> > Sent: Thursday, July 14, 2005 4:11 PM > > > > Hi, > > > > Just curious as to why in the JSP the token is wrapped in a div tag? > > > > > value="383952ea7a0093448e02f3f0d635865b"> > > > > I'm using v1.2.7. > > > > Regards, > > Glenn - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: whats new with struts?? no beta for download
1) Struts 1.2.x == There isn't a current beta to download, but we recently (May 2005) released version 1.2.7 which has been classified as "ga" quality. Details of changes since Version 1.2.4 are available in the release notes: http://struts.apache.org/userGuide/release-notes.html 2) Struts 1.3.x == The current development version is Struts 1.3 which is provides a RequestProcessor based on Commons Chain. Theres a couple of good articles on Commons Chain written by Bill Siggelkow, with the second one describing how Struts uses it: http://www.onjava.com/pub/a/onjava/2005/03/02/commonchains.html http://www.onjava.com/pub/a/onjava/2005/03/02/commonchains2.html If you want to try 1.3 out, you can download a nightly build here http://svn.apache.org/builds/struts/maven/trunk/nightly/ Hopefully, we will get round to pushing a beta version out soon - but none of us know the timetable until someone actually gets round to doing it. 3) Shale == Shale is an alternative to "classic struts" - which is based on JSF. Details can be found here: http://struts.apache.org/shale/index.html Shale hasn't yet been released, but there are nightlies you can download. Niall - Original Message - From: "Ashish Kulkarni" <[EMAIL PROTECTED]> Sent: Monday, July 18, 2005 1:41 PM > Hello > I have been using struts for a while now, i did some > upgrade to 1.2.4 few months ago(may be 6 i dont > remmember) since then i was busy with some thing else > so lost touch with whats happening in struts. > I went to http://struts.apache.org to find out more > and was surprized to see that there is no eta version > for download? > there where new stuff like shale (i guess is long time > now) and integration with JSF, > so why is there no beta available for download? > when will be the next release of struts and what new > things will be included in it > Is there still a debate going on bewteen struts and > JSF > Ashish - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
saving a DynaForm
Hello ! I uses LazyDynaForm to gather user results. Now I'd like to save those results. All persisence framework are for POJO, do you know a common solution ? May I create a POJO to make the transition/link ? Thanks - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: whats new with struts?? no beta for download
Certainly Struts has a larger production base But as JSF is built on a 'Page Controller Pattern' model instead of 'Action Controller Pattern' (Component Action Handlers are supported) I would encourage you to read Implementing in JSF vs Struts article available from Roland Barcia http://websphere.sys-con.com/read/46516.htm M- - Original Message - From: "Ashish Kulkarni" <[EMAIL PROTECTED]> To: Sent: Monday, July 18, 2005 8:41 AM Subject: whats new with struts?? no beta for download Hello I have been using struts for a while now, i did some upgrade to 1.2.4 few months ago(may be 6 i dont remmember) since then i was busy with some thing else so lost touch with whats happening in struts. I went to http://struts.apache.org to find out more and was surprized to see that there is no eta version for download? there where new stuff like shale (i guess is long time now) and integration with JSF, so why is there no beta available for download? when will be the next release of struts and what new things will be included in it Is there still a debate going on bewteen struts and JSF Ashish __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: URL Encoding
Have you looked at the html:link tag? (http://struts.apache.org/userGuide/struts-html.html#link) Link text On 7/18/05, Senthilrajan VS <[EMAIL PROTECTED]> wrote: > Hi All, > > I am calling the action directly using the hyper link, for example > /sample.do?table=test. The values for this action is generated dynamically. I > want to Encode this URL. Is there any way to encode this URL. > > Thanks & Regards, > SenthilRajan VS > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: whats new with struts?? no beta for download
- Original Message - From: "Ashish Kulkarni" <[EMAIL PROTECTED]> To: Sent: Monday, July 18, 2005 8:41 AM Subject: whats new with struts?? no beta for download Hello I have been using struts for a while now, i did some upgrade to 1.2.4 few months ago(may be 6 i dont remmember) since then i was busy with some thing else so lost touch with whats happening in struts. I went to http://struts.apache.org to find out more and was surprized to see that there is no eta version for download? there where new stuff like shale (i guess is long time now) and integration with JSF, so why is there no beta available for download? when will be the next release of struts and what new things will be included in it Is there still a debate going on bewteen struts and JSF Ashish __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: whats new with struts?? no beta for download
Ashish Kulkarni wrote: Hello I have been using struts for a while now, when will be the next release of struts I belive that you have been using Struts for a while. That's why you know the answer to you question as to when. You can get any version or variation of Struts using TurtoiseSVN anytime you want using direction on home page. .V - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
ApplicationException sample
Hi all, Can someone please attach a good sample of an ApplicationException, BaseException & ServiceException classes? An example of catching them in an Action class will be very helpful too. Thanks a lot Rivka ** The contents of this email and any attachments are confidential. They are intended for the named recipient(s) only. If you have received this email in error please notify the system manager or the sender immediately and do not disclose the contents to anyone or make copies. ** eSafe scanned this email for viruses, vandals and malicious content. ** **
Re: Token element wrapped with a div tag
Thanks Niall. It did not occur to me to check the ASF Bugzilla for Struts [I will remember for the next time]. I'm not familiar with the Status... since it is not yet closed.. this means that the bug is not yet fixed in version 1.2.7 ? - Glenn "Niall Pemberton" <[EMAIL PROTECTED]> 18/07/2005 08:38 AM Please respond to "Struts Users Mailing List" To "Struts Users Mailing List" cc Subject Re: Token element wrapped with a div tag http://issues.apache.org/bugzilla/show_bug.cgi?id=32016 Niall - Original Message - From: <[EMAIL PROTECTED]> Sent: Thursday, July 14, 2005 4:11 PM > Hi, > > Just curious as to why in the JSP the token is wrapped in a div tag? > > value="383952ea7a0093448e02f3f0d635865b"> > > I'm using v1.2.7. > > Regards, > Glenn - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
whats new with struts?? no beta for download
Hello I have been using struts for a while now, i did some upgrade to 1.2.4 few months ago(may be 6 i dont remmember) since then i was busy with some thing else so lost touch with whats happening in struts. I went to http://struts.apache.org to find out more and was surprized to see that there is no eta version for download? there where new stuff like shale (i guess is long time now) and integration with JSF, so why is there no beta available for download? when will be the next release of struts and what new things will be included in it Is there still a debate going on bewteen struts and JSF Ashish __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Calling validator rule direct from code
Good Morning Charles From what I can gather there are 4 scenarios to instantiate a form and handle validation http://mail-archives.apache.org/mod_mbox/struts-user/200407.mbox/[EMAIL PROTECTED] If you decide to use option D) DynaValidatorForm then Take a look at Rick Reumann's site for example of usage http://www.reumann.net/struts/lesson3/step4.do HTH, Martin- - Original Message - From: <[EMAIL PROTECTED]> To: "Struts Users Mailing List" Sent: Monday, July 18, 2005 7:11 AM Subject: Calling validator rule direct from code Hi, Using Tomcat 5, I have an application which builds a multipage web form based on data from a database and user input. I'd like to be able to use the validtator to it but can't determine the required fields until run time. I was wondering how I could use the pre-build validator rules in this situation. It is possible to explicitly call a validator rule directly from a servlet.For example suppose I wanted to call the date validation rule passing it a string containing a date field and a datePattern of mm/dd/. Can this be done? If so does anyone have an example? Or is there another way of solving this? Thanks, Charles - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Token element wrapped with a div tag
http://issues.apache.org/bugzilla/show_bug.cgi?id=32016 Niall - Original Message - From: <[EMAIL PROTECTED]> Sent: Thursday, July 14, 2005 4:11 PM > Hi, > > Just curious as to why in the JSP the token is wrapped in a div tag? > > value="383952ea7a0093448e02f3f0d635865b"> > > I'm using v1.2.7. > > Regards, > Glenn - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: I need help running an example
Mohamed, First of all, you should understand that using JBoss, Tomcat (which implicitly is run under JBoss), or any other application server doesn't change anything. If you embed the right libraries (jar, ear, war, whatever), everything should work fine for your server. Anything else is a problem coming from your web app. This piece of code just means that if the role "Administrator" has been defined for the current user, then it should display the "submit" button. Otherwise, the submit does nothing. -- Stéphane Zuckerman - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Token element wrapped with a div tag
This is the JSP code snippet: Here is the HTML source: Here is code in my Action class: // set the synchronization token String token = generateToken(request); httpSession.setAttribute(Globals.TRANSACTION_TOKEN_KEY, token); - Glenn Laurie Harper <[EMAIL PROTECTED]> Sent by: news <[EMAIL PROTECTED]> 14/07/2005 06:29 PM Please respond to "Struts Users Mailing List" To user@struts.apache.org cc Subject Re: Token element wrapped with a div tag [EMAIL PROTECTED] wrote: > Just curious as to why in the JSP the token is wrapped in a div tag? > > value="383952ea7a0093448e02f3f0d635865b"> > > I'm using v1.2.7. What does your JSP look like? L. -- Laurie, Open Source advocate, Java geek and novice blogger: http://www.holoweb.net/~laurie/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: URL Encoding
Use java.net.URLEncoder.encode method. On 7/18/05, Senthilrajan VS <[EMAIL PROTECTED]> wrote: > Hi All, > > I am calling the action directly using the hyper link, for example > /sample.do?table=test. The values for this action is generated dynamically. I > want to Encode this URL. Is there any way to encode this URL. > > Thanks & Regards, > SenthilRajan VS > -- --Yoge 9840425388 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Calling validator rule direct from code
Hi, Using Tomcat 5, I have an application which builds a multipage web form based on data from a database and user input. Id like to be able to use the validtator to it but cant determine the required fields until run time. I was wondering how I could use the pre-build validator rules in this situation. It is possible to explicitly call a validator rule directly from a servlet.For example suppose I wanted to call the date validation rule passing it a string containing a date field and a datePattern of mm/dd/. Can this be done? If so does anyone have an example? Or is there another way of solving this? Thanks, Charles - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
URL Encoding
Hi All, I am calling the action directly using the hyper link, for example /sample.do?table=test. The values for this action is generated dynamically. I want to Encode this URL. Is there any way to encode this URL. Thanks & Regards, SenthilRajan VS
RE: I need help running an example
Hello, Probably you weren't logged in as 'Administrator' Don't know details of why, since I don' tknow theapplication, but I am Sure the instructions or readme file for the application will tell you What to do.. Regards marco -Original Message- From: Mohamed Fathi [mailto:[EMAIL PROTECTED] Sent: 18 July 2005 11:09 To: user@struts.apache.org Subject: I need help running an example Hi I am new to Struts framework and I was trying to run a simple example downloaded from "sourceforge" called "car-rental-system" it worked fine on JBOSS except of a single problem. all buttons are disabled when I opened the JSP file containing a submit button I found this piece of code I will be glade if anyone could explains to me what does it mean and How could I get all button work on JBOSS thanks in advance yours, Mohamed Fathy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
I need help running an example
Hi I am new to Struts framework and I was trying to run a simple example downloaded from "sourceforge" called "car-rental-system" it worked fine on JBOSS except of a single problem. all buttons are disabled when I opened the JSP file containing a submit button I found this piece of code I will be glade if anyone could explains to me what does it mean and How could I get all button work on JBOSS thanks in advance yours, Mohamed Fathy - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
