Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

How do I use tokens to prevent user from multiple submission

 
kay lin
Ranch Hand
Posts: 132
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi all:

I would like to know I can prevent user from multiple submission of a form,in my application, I have an inquiry.jsp that would forward user's request inquiryAction,

I think in my inquiryAction's execute class I need to perform the following check to see if the user has submit a page,


Here is a quote from the Struts API javadoc


isTokenValid

protected boolean isTokenValid(javax.servlet.http.HttpServletRequest request)

Return true if there is a transaction token stored in the user's current session, and the value submitted as a request parameter with this action matches it. Returns false under any of the following circumstances:

* No session associated with this request
* No transaction token saved in the session
* No transaction token included as a request parameter
* The included transaction token value does not match the transaction token in the user's session



my questions are:
let us say if the user first makes a request, obviously the request would come through because there is a valid session associated with the request,

but what if the user clicks the submit button on the JSP form more than once, what value would isTokenValid() then return? can somebdoy expalins to me? also, do I have to call the saveToken(request) if the token is saved, does that mean there is a new token in the session, and the next time a user presses "submit" button on the form, it will be compared with the newest token? also, can some body explain what is a "request parameter" please let me know

Many Thanks...!! I really appreciate all your help
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic