Re: Security Issue with GET method

2010-09-30 Thread Maurizio Cucchiara
Hi Raj, you could get the sid value and put it inside the authentication form to the user as a hidden field. After, when the user invokes the authentication action, you could verify if the sid value matches with the real sessionID value. Look at this url http://localhost:8080/SecurityTest/login.do?userId=sss&password=sss&step=Log

Re: Security Issue with GET method

2010-09-30 Thread Orpu
Hi, can you please be more specific? I did not get you. When I click the button and go to the action it has sessionID. I will put it in a form hidden value. But what happens when I paste the url in the browser, which goes to the action with GET method and has session Id? Can you please elaborate on it more? Than

Re: Security Issue with GET method

2010-09-29 Thread Chris Pratt
Or you could just check if request.getMethod().equals("POST")
(*Chris*)

On Wed, Sep 29, 2010 at 10:11 AM, Maurizio Cucchiara < [email protected]> wrote:
> Hi,
> you could obtain session id through session.getId() and put it inside
> the form as hidden field, after you could verify th

Re: Security Issue with GET method

2010-09-29 Thread Maurizio Cucchiara
Hi, you could obtain session id through session.getId() and put it inside the form as hidden field, after you could verify the correctness. Did I answer your question?
Maurizio Cucchiara

2010/9/29 Orpu :
>
> Hi All,
>
> My application is developed using struts framework. Where it takes user id