Hi All,
I have just installed the struts1.0 b1 and the struts-example app. I wonder how the transaction token key works.Can anybody explain that to me please(it is a great stuff).
I checked out the code a bit and found out that struts is creating a transaction token key by convereting the session id and the current time to byte array and appending it to a message digest . So how can the two tokens(one set before displaying the form and another set when submitting?) be equated when they have a time element involved in them.Antoher thing i could not undsrstand was that while saving the form the code retrieves the token using the request.getParameter(token_key), but where are we setting this paramater?
Can somebody explain , how are things working here?
Regards,
Yogesh
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
