Re: synchronizer token - double submit problem

2004-10-14 Thread Craig McClanahan 
Once you've called saveToken(), the html:form tag will automatically
create a hidden field with a name that is known to the isTokenValid()
and resetToken() methods -- you do not have to do anything at all in
the JSP page for this to work.

Craig


On Thu, 14 Oct 2004 11:30:28 -0700 (PDT), umamaheswara rao
[EMAIL PROTECTED] wrote:
 Hi ,
 
   Your help is apprciated.
 
How do I set a token it to JSP ? do I need to have
 to set
 the token to the form bean(form.setToken(value from
 session with saveToken method)) in the action class
 which calls saveToken(request) method ?
 
 I understand the following process...but I got stuck
 here with isTokenValid(request) method ...if at all I
 need to set the token in hidden field what name should
 I use...
 
 saveToken(request)
 on the return trip,
 isTokenValid(request)
 resetToken(request)
 
 Thanks
 Uma
 
 ___
 Do you Yahoo!?
 Declare Yourself - Register online to vote today!
 http://vote.yahoo.com
 
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]
 


-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: synchronizer token - double submit problem

2004-10-14 Thread Jeff Beal 
The html:form/ tag inserts the token as a hidden field.
umamaheswara rao wrote:
Hi ,
  Your help is apprciated.
   How do I set a token it to JSP ? do I need to have 
to set
the token to the form bean(form.setToken(value from
session with saveToken method)) in the action class
which calls saveToken(request) method ?

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: synchronizer token - double submit problem

2004-10-14 Thread umamaheswara rao 
Hi,

   Good to get Response from you Mr. Craig McClanahan.
Please find the following problem I've ...

  I've followed the article mentioned in javaworld
(http://www.javaworld.com/javatips/jw-javatip136_p.html),
Since I have BaseActionClass which extends Action
class 

following are the Action classes  before modifing for
Synchronizer Token.

ShoppingAction extends BaseAction..
ProcessOrderAction  extends ShoppingAction 
CheckOutAction   extends ShoppingAction 

After modifying I've modified as per the article...

SynchroAction extends ShoppingAction

ProcessOrderAction(calling saveToken(request)) extends
SynchroAction

CheckOutAction(calling isValidToken(request)) extends
SychroAction


so that, even if the user double clicks to process the
order I should be handling the situation to not to
process two orders for a customer..

But, following are the values from the logs I
observed... 

Process Order Action :: Session Token is
::8121dcb84a3734bb5a4ee

CheckOutAction
Request : null
Session token: 3df5a196f87876ae863089039968f
Current token: null



So where did my Request token go ? any wrong in
implementation...I appreciate your valuable time ...

Best Regards,
Uma.

--- Craig McClanahan [EMAIL PROTECTED] wrote:

 Once you've called saveToken(), the html:form tag
 will automatically
 create a hidden field with a name that is known to
 the isTokenValid()
 and resetToken() methods -- you do not have to do
 anything at all in
 the JSP page for this to work.
 
 Craig
 
 
 On Thu, 14 Oct 2004 11:30:28 -0700 (PDT),
 umamaheswara rao
 [EMAIL PROTECTED] wrote:
  Hi ,
  
Your help is apprciated.
  
 How do I set a token it to JSP ? do I need to
 have
  to set
  the token to the form bean(form.setToken(value
 from
  session with saveToken method)) in the action
 class
  which calls saveToken(request) method ?
  
  I understand the following process...but I got
 stuck
  here with isTokenValid(request) method ...if at
 all I
  need to set the token in hidden field what name
 should
  I use...
  
  saveToken(request)
  on the return trip,
  isTokenValid(request)
  resetToken(request)
  
  Thanks
  Uma
  
  ___
  Do you Yahoo!?
  Declare Yourself - Register online to vote today!
  http://vote.yahoo.com
  
 

-
  To unsubscribe, e-mail:
 [EMAIL PROTECTED]
  For additional commands, e-mail:
 [EMAIL PROTECTED]
  
 
 

-
 To unsubscribe, e-mail:
 [EMAIL PROTECTED]
 For additional commands, e-mail:
 [EMAIL PROTECTED]
 
 




___
Do you Yahoo!?
Declare Yourself - Register online to vote today!
http://vote.yahoo.com

-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]