I haven't had a lot of opportunity to validate this strategy, but I believe you have the right idea. Conceptually, the result from a double submit should just look as if it was a single submit. So, the second submit would bypass the processing logic and just forward to view the results that were produced from the first submit. You'll have to see on a case-by-case basis whether it's practical to do this.
> -----Original Message----- > From: snekse [mailto:[EMAIL PROTECTED] > Sent: Friday, January 21, 2005 2:27 PM > To: user@struts.apache.org > Subject: Where to send !isTokenValid(request) > > > I have a Best Practices type question. Where should I send > the user if isValidToken returns FALSE? > > Here is the flow we have for this application. > > 1. User searches for a profile > 2. List of matching profiles is displayed > 3. User clicks the EDIT link for the profile they want to > update 4. Profile is displayed with a TOKEN embedded in a > hidden form field 5. User hits Submit to update changes > (possibly hitting it twice). 6. If isValidToken == TRUE, call > resetToken(request) and > the Action will Forward to: > a) A confim page using redirect on SUCCESS > b) Back to the form page with error msgs on FAILURE > > So where do I go if isValidToken != TRUE? I think part of > the problem is I won't really know *why* the token was > invalid. Here's what I'd like to do. I'd like to basically > store in the session the Token, the requested ActionMapping > and the UID of the object being handled (in this case a > profile_ID). Then if the isValidToken returns false, look in > the session for the last *successful* token that matched the > ActionMapping and profile_ID for this request and send them > to the same result page. Does that make sense? Has anyone > tried this before? Any pitfalls you could foresee? Is this > just a plain bad idea? Any feedback on this would be greatly > appreciated. > > Thanks, > -Derek > > [FROM A PREVIOUS POST] > > if(!isTokenValid(request)){ > > //token vaildation failed so send to error page (or > straight onto > > success page if desired) > > return mapping.findForward("failure"); > > }else{ > > resetToken(request); > > // do some work as token is ok > > return mapping.findForward("success"); > > } > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
