It's Friday. Let us talk about some light issues like security problems ...

The Struts framework has a transaction token mechanism. It seems
to be able to protect developers. But in some cases, it does not if
session scoped form beans are used.

See the detailed description of the potential security issues at
http://www.netspread.com/tips2.html#security
More interestingly, some very, very experienced developers
would think they are absolutely safe if they use request scoped
form beans. It may not be the case as they think. Some
mistakes are possible, in open source projects, in samples of
published books, if the authors are not aware of them.


Jing
Netspread Carrier at http://www.netspread.com
"Making Simple Things Crazily Simpler."
