In Fact, I have made the application in the way in which, back and refresh buttons cannot be used. If the user at any point on time clicks back or refresh, he is logged out and his session expires!! Also, since i am maintaining session and security for the site, bookmarking of pages is not allowed. so, this is not the issue.
The issue is, if the user has the URL for an Action with him, he can copy paste that to anothr browser and try to access the function. Although the session control i am doing, does not allow this, but in some places, it throws NullPointer Exceptions!! Again, This can be controlled by putting appropriate null checks, but mine being a big project, i want to control it somehow single handedly and not depend on each developer!! So, i thot if i can somehow restrict showing the URl on teh browser!! On 12/6/05, Laurie Harper <[EMAIL PROTECTED]> wrote: > > Michael Jouravlev wrote: > > On 12/5/05, Deepa Khetan <[EMAIL PROTECTED]> wrote: > >> Hi, > >> > >> Just a bit of a question. Can i do some thing in Struts, which will > enable > >> me to show the same URL all the time, for my aplication?? i mean i do > not > >> want to show in the URL which action mapping i am calling, as in, > >> https://<IpAddress> thats it, for all my actions?? > > > > Sure. In a "normal" non-Ajax world you still need to have one action > > that processes requests. Basically, a front controller. Then you do > > in-server forward to an actual action that serves the request, and it > > forwards to a JSP page to display a view. In this case either all > > requests should be POSTs to hide parameters, or you need to do a > > redirect to a view to hide them (see second option). > > > > You can go with a more elaborate path to avoid problems with Back > > button and implicit resubmits on page refresh. In this case you accept > > an initial request, no matter GET or POST. Then you redirect to a > > particular action processing the request. It changes the application > > state and saves it in the session. Then you redirect to the same front > > action. It pulls application state from the session and forwards to a > > view, corresponding to the state. How front action knows that this > > time it should render a view instead of forwarding to processing > > action? Simple. The redirect request (1) has GET type and (2) is > > empty, that is, no parameters. > > > > The third option known to me is using Ajax and updating page fragments > > without reloading the whole page. > > > > Michael. > > Or the fourth option is to use framesets. Of course if you do this, with > any of these approaches, you'll be causing your users pain in that there > will be no way they can bookmark pages and the browser's Refresh option > will become useless (since it would just reload the front page, not the > page the user was currently on)... > > Before you ask if/how, ask yourself whether you really want to do this :) > > L. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
