File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Struts and the fly likes Question on Synchronizer token Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Struts
Bookmark "Question on Synchronizer token" Watch "Question on Synchronizer token" New topic

Question on Synchronizer token

Kalichar Rangantittu
Ranch Hand

Joined: Jan 15, 2002
Posts: 240
I am using a DispatchAction in my application. I would also like to use the saveToken() isTokenValid() functionality provided by struts.

After a saveToken() call, the resulting page that is displayed has the token of the form <input type="hidden" name="org...TOKEN" value="@$@$@45#$%"/>

When the form is submitted, the action that checks for isTokenValid(request) fails. Why would this occur?

Never be satisfied with anything less than the best and you will surely pass the test...
Dileep Kamath

Joined: Jul 15, 2006
Posts: 19
Please try to print the session attribute stored against org.apache.struts.Globals.TRANSACTION_TOKEN_KEY and see if it matches with the one in the html source.
I agree. Here's the link:
subject: Question on Synchronizer token
It's not a secret anymore!