• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Tim Cooke
  • Devaka Cooray
Sheriffs:
  • Liutauras Vilda
  • paul wheaton
  • Rob Spoor
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Piet Souris
  • Mikalai Zaikin
Bartenders:
  • Carey Brown
  • Roland Mueller

How does strut actions cope with hidden fields such as token

 
Ranch Hand
Posts: 681
1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
When submitting a form you have hidden params such as token

<input name="struts.token.name" value="struts.token" type="hidden">


used to check for double clicking how does struts handle these hidden parameters so it does not try to map them to an action
 
Author
Posts: 12617
IntelliJ IDE Ruby
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
From http://struts.apache.org/2.x/docs/struts-defaultxml.html:Remember--having access to the source allows us to answer a lot of these questions relatively easily :)
 
Ranch Hand
Posts: 61
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

David Newton wrote:From http://struts.apache.org/2.x/docs/struts-defaultxml.html:Remember--having access to the source allows us to answer a lot of these questions relatively easily :)



Specifically for the token tag, isn't it the TokenInterceptor (or TokenSessionStoreInterceptor) that takes care of things?
 
David Newton
Author
Posts: 12617
IntelliJ IDE Ruby
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
It takes care of the session part. The params filter is what filters the parameter, as shown above.
 
Tony Evans
Ranch Hand
Posts: 681
1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
ok so the filter in struts-default.xml

<interceptor-ref name="params">
<param name="excludeParams">dojo\..*</param>
</interceptor-ref>


will handle or should handle the hidden field token so that it does not map to an action. That is kind of what I though it did, or does.

But I am getting this ONGL problem where it is trying to map a value to object usind the name token, so setToken to an object. That does not exist.

I am trying to go through the work flow before any of the params are mapped to there respective objects with corresponding setters, it should filter out all the hidden fields such as token and preventCache.

My application is using
at com.opensymphony.xwork2.interceptor.ParametersInterceptor.doIntercept(ParametersInterceptor.java:187)

To intercept the params it should still call struts-default.xml

o
 
David Newton
Author
Posts: 12617
IntelliJ IDE Ruby
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Check your interceptor order.
 
Tony Evans
Ranch Hand
Posts: 681
1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Well in my action set up I have

<action name="editDevice" class="com.myapp.DeviceAction" method="edit">
<interceptor-ref name="tokenSession"/>
<interceptor-ref name="defaultStack"/>
<result name="success">/WEB-INF/pages/device.jsp</result>
</action>

but it still causes the ttoken error I tried to remove <ww:token/> but it causes a page rendering error. Have to go way think about this over the weekends
 
Tony Evans
Ranch Hand
Posts: 681
1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Removed <www.token/> and the filters and I did not get the error

ognl.OgnlException: target is null for setProperty(null, "token", [Ljava.lang.String;@304c885c)
at ognl.OgnlRuntime.setProperty(OgnlRuntime.java:1651)
at ognl.ASTProperty.setValueBody(ASTProperty.java:101)
at ognl.SimpleNode.evaluateSetValueBody(SimpleNode.java:177)
at ognl.SimpleNode.setValue(SimpleNode.java:246)
at ognl.ASTChain.setValueBody(ASTChain.java:172)
at ognl.SimpleNode.evaluateSetValueBody(SimpleNode.java:177)
at ognl.SimpleNode.setValue(SimpleNode.java:246)
at ognl.Ognl.setValue(Ognl.java:476)


so it is trying to map the token to a object and is not being filtered out by

<interceptor-ref name="tokenSession"/>
<interceptor-ref name="defaultStack"/>
 
It's fun to be me, and still legal in 9 states! Wanna see my tiny ad?
We need your help - Coderanch server fundraiser
https://coderanch.com/wiki/782867/Coderanch-server-fundraiser
reply
    Bookmark Topic Watch Topic
  • New Topic