I have this situation: 1- The login page collect the userName and password. 2- The login page send the info. to LoginAction. 3- if authinticated, the LoginAction forward to ResourceAction 4- ResourceAction does some business logic, and forward to resroucePage. 5- ResourcePage uses DisplayTag to display the resources, and adds export links in the buttom.
When I looked at at the source of the html generated by ResourcePage, I was surprised to find out that the links generated by the displayTag adds the userName and password to the links.
Here is a link: <a href="/MyApp/resources.do?password=password&action=preSelect&action=login&action=select&loginName= admin&6578706f7274=1&d-49653-e=1"><span class="export csv">CSV </span></a>
The request is not cleared after it is being forward from one action to another. I don't want the loginName nor the password to hang in the request.
How can I remove them?
SCJD 1.4<br />SCJP 1.4<br />-----------------------------------<br />"With regard to excellence, it is not enough to know, but we must try to have and use it.<br />" Aristotle