Erik Weber <[EMAIL PROTECTED]> wrote on 08/25/2004 09:03:18 AM:
> I am using saveToken, isTokenValid, etc., to ensure that a
> registration/update form is not stale. I invoke this method from execute
> in the setup Action, just before forwarding to the form page.
>
> When the form is submitted, there are two levels of validation before
> the form data is processed.
>
> First, input validation happens. I use ValidatorForm with the Validator
> plugin. If there is an input validation error, Struts forwards back to
> the input page, and the original synchronizer token is still in place as
> a hidden variable in the form.
>
> Second, if input validation succeeds, there is validation at the manager
> layer. For example, a username might already be taken. If there is a
> manager validation error, Struts forwards back to the input page, but
> this time, the synchronizer token is not in place -- the hidden field in
> the form is gone.
Erik,
You are probably doing validation differently, but maybe this will spur
some ideas. I called the validate from the 'save' Action, and passed the
token with the request again after it failed validation:
if (!isCancelled(request)) {
// Validate form parameters ...
ActionErrors validErrors = reqForm.validate(mapping, request);
if (validErrors != null && !validErrors.isEmpty()) {
saveErrors(request, validErrors);
saveToken(request);
return new ActionForward(mapping.getInput());
}// end validate
...}
HTH,
Susan Bradeen
>
> The result of this is that if you request an add/edit form, fill it out,
> submit it and cause a manager validation error, you cannot simply edit
> the offending field and resubmit the form -- you need a fresh form. This
> is not the desired behavior, as this type of validation error should be
> treated the same as a form validation error, with regard to the
> synchronizer token.
>
> I am using Struts declarative exception handling, which handles the
> forwarding.
>
> How can I make sure the hidden field is rendered in the form after the
> second type of error occurs and Struts forwards back to the input
> screen? Why is it gone in the first place? I thought of
> RequestProcessor.processException, but couldn't see a way to invoke
> resetToken or saveToken. Should I do something with my form bean reset
> method?
>
> Erik
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
_____________________________________________________________________________
Scanned for SoftLanding Systems, Inc. by IBM Email Security Management Services
powered by MessageLabs.
_____________________________________________________________________________
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
