Here's a link that describes the pattern. You have to buy the book for full effect:
http://www.phptr.com/corej2eepatterns/codeChap5.html /Ross -----Original Message----- From: Yu, Yanhui [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 11:21 AM To: 'Ted Husted'; Struts Users Mailing List Subject: RE: Methods In Action Class Ted, I am very much interested in this. Could you give a short sample code for this approach? We used to use Javascript here to stop multiple submission but now we are using struts and Javascript is out. Thank you very much, Yanhui -----Original Message----- From: Ted Husted [mailto:[EMAIL PROTECTED]] Sent: Saturday, March 02, 2002 8:27 AM To: Struts Users Mailing List Subject: Re: Methods In Action Class Before going to a page you want to protect, route to an Action first and call SaveToken. This stores a token with a unique value in the user's session. If the page uses the html:form tag, it will automatically include a hidden field with the token if it finds one in the session. In the Action that receives the page, use isTokenValue to see if the token in the session matches the one from the form. Call resetToken to clear the token, so it can't be used again. -- Ted Husted, Husted dot Com, Fairport NY US -- Developing Java Web Applications with Struts -- Tel: +1 585 737-3463 -- Web: http://husted.com/about/services subhendukumar mohanty wrote: > > Hi > > I found the following methods in Action.java which I think may help to control the session ID. That means if the user submits the page and press the back button and submit the page again it will throw an error. > > generateToken(HttpServletRequest request) > saveToken(HttpServletRequest request) > isTokenValid(HttpServletRequest request) > > If anybody has used these methods let me know how to use these methods . > > Thanks, > Subhendu > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
