Regards,
Bruce Ritchie
Patrick Lightbody wrote:
This sounds scary to me -- I'm not entirely convinced that URLs with .action in them are terribly bad. I do have cases where 4 different actions use that same SUCCESS view:ShowDocumentListA.success = doc_list.jsp ShowDocumentListB.success = doc_list.jsp ShowDocumentListC.success = doc_list.jsp -Pat ----- Original Message ----- From: "Rickard Öberg" <[EMAIL PROTECTED]> To: "WebWork" <[EMAIL PROTECTED]> Sent: Thursday, January 02, 2003 5:38 AM Subject: [OS-webwork] Action invocationI'm currently looking at how actions in a web setting are to be invoked in XWork. I've seen two main ways in which actions are used: for read-only stuff, such as getting model data and then rendering it, and for write actions that respond to a form submit. I'll deal with these cases one at a time. The descriptions cover the JSP case, but the same ideas can be applied to any view technology. First, I've argued that the read-only case is best done by referencing the success page itself, and have it contain an <action> tag, so that the URL itself is nice and clean. This works, but it's a bit of a kludge, and it's difficult to handle the error case, i.e. when the read-only action fails and an error page should be shown. Here's an alternative implementation. First of all, use a servlet filter which intercepts .jsp requests. When a request for that page is intercepted simply check if an action has a result view declaration with that page as SUCCESS. If so, then execute it. If SUCCESS is the result, then simply continue the rendering. If ERROR is the result, then instead do an include of the error page. This will automatically ensure that read-only actions are only executed for the specific page, so you can use declarative security for it. The main drawback with this approach is that a page can only have one action, but I'm not sure how common it is to have one page with many different actions providing data for it anyway. Second, write-actions that are executed as a result of a form submission are executed through basically the same mechanism. E.g. form.jsp may contain this: <form action="<xw:url page="results.jsp"/>"> ... </form> -- When the form is submitted the action will executed first, just as the read-only case, and if SUCCESS is the result then results.jsp is rendered. If any other case, then that is included instead. Such as INPUT=form.jsp, which will render the above form again. I'm not exactly sure how the "doDefault" thing will be handled yet, but it shouldn't be that much of a problem. Another common case is to have a single button point to a write-action which after execution redirects back to the same page (e.g. "delete this entry"). I'm not quite sure how to handle this either. The goal is to avoid having .action URL's at all, in order to keep URL's bookmark friendly and to avoid security issues. Those are my thoughts on this so far. Any thoughts/comments? Does it seem like a good direction? /Rickard -- Rickard Öberg [EMAIL PROTECTED] Senselogic Got blog? I do. http://dreambean.com ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Opensymphony-webwork mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/opensymphony-webwork------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Opensymphony-webwork mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/opensymphony-webwork
-- AOL - bruceritchie101 ICQ - 9929791 MSN - [EMAIL PROTECTED] http://www.jivesoftware.com/
smime.p7s
Description: S/MIME Cryptographic Signature
