Win a copy of TDD for a Shopping Website LiveProject this week in the Testing forum!

Sujata Samal

Greenhorn
+ Follow
since Jan 29, 2008
Cows and Likes
Cows
Total received
0
In last 30 days
0
Total given
0
Likes
Total received
0
Received in last 30 days
0
Total given
1
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Sujata Samal

Have you tried setting the contectType in response object something like - response.setContentType("image/png") ??

-Sujata
10 years ago
Hi Abhishek,

Try * inplace of /* in <url-pattern>/*</url-pattern> tag to map all requests if you have only one application deployed.

-Sujata
10 years ago
A simplest way could be have a comon method lets say isSessionValid() and every action you perform call this method.

inside isSessionValid() verify if the session is invalid/expired then foreward to the login page with the current url as a request parameter for example - http://hostnam:port/context-path/login.do?url="currentURL".

in your login page once the user is authenticated,redirect to the currentURL.


-Sujata.
10 years ago
Paul - Could you please share your thought(s) how to resolve this kind of problem(other than one-time token).I will definitely rethink to implement your solution/a feasible solution !!


-Sujata.
10 years ago
From my experience, there was a scenario

-> where the user submits a page lets say from SubmittingPage and click back button and can again submit but we wanted to avoid re-submit
-> we cant invalidate/expire the cache as SubmittingPage can be accesed from another page and should populate the previously keyed in values.

there might be some other ways to implement(may be using onr-time token) but we found implemneting history.forward is more convinient at that point of time.

in this case how can i say there is no practical purpose??

-Sujata.
10 years ago
As you wrote/i agreed it does not add any security its just a trick to make the user hard to navigate back.

-Sujata
10 years ago
who had posted this query should have read the other two replies..

-> invalidating cache
-> invalidating session in logout

so i meant in addition to this you can also add......history.foreward()

hope its clear now

-Sujata
10 years ago
Ha ha...no one would pretend history.forward() adds security in the application!!

-Sujata
10 years ago
Adding tricks on top of securities is . If someone reads carefully i wrote "you can also add........"

-Sujata
10 years ago
Hi Rahul,

You can also add javascript:history.forward() in your logout page which will prevent the IE back button working.


-Sujata
10 years ago
Try <%@ page isErrorPage="true" %> (space between @ and page)

-Sujata
10 years ago
Hi Chris,


I would say add doGet(..) in you servlet and put some SOPs/log messages and acess the servlet directly "http://localhost:8080/Beer-v1/SelectBeeer.do" from the IE's address bar and verify if that hits the servlet.

When you submit the html see the url in the addressbar ,i think that will tell you the servlet location which the html is trying to hit.

-Sujata
10 years ago
Javedali - I have a feeling that the js file has to be included with contextPath/script/voucherDtls.js as i could see the onClick() calls a javascript method before submitting the form..you can verify by adding some alert messages inside the java script methods and on click of submit the alert messages are getting executed.

-Sujata.
10 years ago
Hmm you are right..i was trying to give an example.
By the way JSF , Flex and many advanced UI technologies are already in 21st century market.

-Sujata
10 years ago
Hi Javedali - As Bear suggested you can use the conextpath - hardcoded or get from request (<%=request.getContextPath()>) and you can put some SOPs/log statements inside doPost() to verify if the request is really hitting the servlet or not

-Sujata
10 years ago