Hi Craig,
I guess you misunderstood what I said.
The problem is that once the token is saved, even if I request the action
again(NOT "refresh") manually(by clicking some link on the page, or submit a form),
the token is still there! and thus the action is never executed second time.
Thanks.
On Mon, Jul 12, 2004 at 08:40:22PM -0700, Craig McClanahan wrote:
> Ding Lei wrote:
>
> >Hello ...
> >
> >
> >On Mon, Jul 12, 2004 at 10:50:46AM -0300, Guillermo Meyer wrote:
> >
> >
> >>Use Struts isTokenValid/saveToken schema in your addUsetToDatabase
> >>Action method.
> >>
> >>
> >the problem is that once it calls saveToken(), the damn token stays
> >there forever ... what's wrong with it?
> >
> >
> >
> I can see why you might be concerned (from a memory usage viewpoint)
> about the token staying there "forever" ... what I don't get is why that
> might be a functional concern? If you want to avoid double submits,
> you're going to check for the existence of the correct token value.
> Working backwards, that means your application logic *must* have called
> saveToken() prior to rendering the page with the input form you're
> checking -- but, since there's only one token, any previous value will
> at that point have been thrown away. Things still work correctly,
> though, in terms of what the token is designed to do -- you really can
> detect the second submit, and react differently to it. Right?
>
> By the way, even though there is no removeToken() method explicity
> available, you can always call:
>
> session.removeAttribute(Globals.TRANSACTION_TOKEN_KEY);
>
> if you really really want to get rid of it.
>
> Craig
>
>
>
> >
> >
> >
> >
> >>Cheers.
> >>Guillermo.
> >>
> >>-----Original Message-----
> >>From: Ding Lei [mailto:[EMAIL PROTECTED]
> >>Sent: Lunes, 12 de Julio de 2004 10:38 a.m.
> >>To: Struts Users Mailing List
> >>Subject: Browser's refresh problem
> >>
> >>
> >>Hi all,
> >>
> >> There's a UserAddAction, which adds the user record to the database,
> >>and when it's done it redirects the user index page. the problem is that
> >>everytime the user clicks refresh at the user index page, the same
> >>record is added again.
> >>
> >> I know that unique check is required, but I also hopes that action
> >>itself should be aware of the user's "Refresh".
> >>
> >> Thank you.
> >>
> >>
> >>--
> >>Layman <[EMAIL PROTECTED]> Ext: 8059
> >>
> >>---------------------------------------------------------------------
> >>To unsubscribe, e-mail: [EMAIL PROTECTED]
> >>For additional commands, e-mail: [EMAIL PROTECTED]
> >>
> >>NOTA DE CONFIDENCIALIDAD
> >>Este mensaje (y sus anexos) es confidencial, esta dirigido exclusivamente
> >>a las personas direccionadas en el mail y puede contener informacion
> >>(i)de propiedad exclusiva de Interbanking S.A. o (ii) amparada por el
> >>secreto profesional. Cualquier opinion en el contenido, es exclusiva de
> >>su autor y no representa necesariamente la opinion de Interbanking S.A.
> >>El acceso no autorizado, uso, reproduccion, o divulgacion esta prohibido.
> >>Interbanking S.A no asumira responsabilidad ni obligacion legal alguna
> >>por cualquier informacion incorrecta o alterada contenida en este
> >>mensaje. Si usted ha recibido este mensaje por error, le rogamos tenga la
> >>amabilidad de destruirlo inmediatamente junto con todas las copias del
> >>mismo, notificando al remitente. No debera utilizar, revelar, distribuir,
> >>imprimir o copiar este mensaje ni ninguna de sus partes si usted no es el
> >>destinatario. Muchas gracias.
> >>
> >>
> >>
> >>---------------------------------------------------------------------
> >>To unsubscribe, e-mail: [EMAIL PROTECTED]
> >>For additional commands, e-mail: [EMAIL PROTECTED]
> >>
> >>
> >
> >
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
--
Layman <[EMAIL PROTECTED]> Ext: 8059Have an adequate day.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
