On Fri, 16 Aug 2002, Chris Ruegger wrote:
> Date: Fri, 16 Aug 2002 11:54:57 -0400
> From: Chris Ruegger <[EMAIL PROTECTED]>
> Reply-To: Struts Users Mailing List <[EMAIL PROTECTED]>
> To: Struts Users Mailing List <[EMAIL PROTECTED]>
> Subject: Synchronization Token for forms - any coding required?
>
> I have read that Struts uses the Token Synchronization
> pattern to detect and avoid duplicate form submissions.
>
> Question: Is all of this handled transparently for me
> or do I need to code some logic in the perform() method
> to enable this and/or ignore a duplicate submission?
>
See the Struts example application's use of this feature -- for example:
* In EditRegistrationAction, you see the line:
saveToken(request);
* In SaveResgistrationAction, you see the code:
if (!isTokenValid()) {
... deal with the error ...
}
>From the page author's view, this is transparent -- the <html:form> tag
does the necessary magic to include the token as a hidden field in the
submit. It's not transparent to the person writing your actions, but it's
real easy to call saveToken() in the action that sets up your input form's
data. And you have total control over dealing with the token not being
valid as well.
> Thanks
>
>
Craig
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
