-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Tim,
Tim J Schumacher wrote: > We do this in our project by using the TokenProcessor in struts. Are > you using struts by chance? I think Colin is more worried about repeated requests for /any/ page, not just form submissions (which struts' tokens are intended to protect). Colin, what is it that is taking so long in your page requests? Are your users being asked /not/ to re-load pages when they take a long time to load? Are you using user sessions in your application? If so, you could write a filter to store a token in the session during processing of a request. If you get another request and the session holds that token, you can refuse to process the (additional) request. Just be aware that you have to clean that token up eventually or else the user might get stuck until their session times out. - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkjqa3QACgkQ9CaO5/Lv0PBHMACfUQMD8FaJV8F3pSHtmjYOoZmE e8wAnAncv8dhtWq4bOI1OygNicToxLBq =iZwq -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]