Re: Token is re-generated automatically.

2004-08-28 Thread Jason Lea
I see. You have a form for adding new users. When you submit this form, it adds the user, then clears the fields and redisplays the form ready for another user to be added. After saving the record you create the new token so that the next user can be added. When you detect that the form is submi

Re: Token is re-generated automatically.

2004-08-28 Thread PC Leung
token is saved if checking is OK. saveMessages (request, actionMessages); saveToken(request); addUserProfileForm.reset(mapping, request); return mapping.findForward("success"); I add saveToken() right after resetToken() in order to do testing. The result is

Re: Token is re-generated automatically.

2004-08-28 Thread Jason Lea
do you call saveToken() anywhere? After the resetToken() perhaps? It sounds like the following is happening: 1. server generates page with token A, page with token A submitted 2. token A is valid, record saved, tokenReset() called, saveToken() called creating token B 3. user presses back button,

Token is re-generated automatically.

2004-08-28 Thread PC Leung
When a page is displayed with a token, data is inputted into the form. Clicking the submit button will save a record. Then click back previous page. Click the submit button again. Invalid token is detected as expected Error message displays on top of the page. However I find the token is changed.