File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Struts and the fly likes Server-side check for back button Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Struts
Bookmark "Server-side check for back button" Watch "Server-side check for back button" New topic
Author

Server-side check for back button

L Duperval
Ranch Hand

Joined: May 14, 2003
Posts: 63
Hi,

I'm scouring the 'net trying to find a solution for this, but I haven't seen anything that fits the bill yet.

I need to ensure that:

  • my application has only one point of entry
  • there is no double posting
  • the user cannot use the Back button for anything that requires posting data


  • I'm stuck with Struts 1.1 for now. I'm looking for a solution that
  • Doesn't require subclassing a different type of action
  • Doesn't require patching the struts.xml file since we have a pretty rigid structure we have to follow
  • Doesn't require the use of cookies, javascriptor anything else that can be disabled by the user


  • Any ideas or suggestions are most welcome.

    Thanks.

    L


    Live Free, Live Happy
    s penumudi
    Ranch Hand

    Joined: Nov 17, 2004
    Posts: 113
    There is a J2ee Design Pattern which you can use to get rid of some/all of your problems.

    I guess the pattern name is called "Token Syncronization". I am sorry I cannot recall exact name of the pattern.

    This pattern is used to handle multiple form submissions. I guess this can be used for back button Issue.

    This is how it works. Application should maintain a token (any unique number) in the user session. This value should also be maintained in the user interface as an hidden field. So, when user submits the form, from your Action class check if the value returned by the hidden field is same as the value in the user session. If both values match, then user is submitting that form for the first time. Soon after you check the value update the value in the user session. Now, when user clicks on back button and resubmits the form, the value that was sent by user does not match with the value in user session. In which case you may not process request or return error message to user saying request is already submitted.

    If someone bookmark that page and later try to access that page, then check for the validity of the user session. If he has invalid session then redirect him to your login page.

    If you can browse through sun web site you might find some example for this approach.

    Hope this helps. Do let us know if you have a better solution to your problem.
     
    I agree. Here's the link: http://aspose.com/file-tools
     
    subject: Server-side check for back button