Q.Mutli-click prevention using struts tokens with code example.

Servlet Tutorials

Q.Mutli-click prevention using struts tokens with code example.

Struts has 3 methods use for the token, saveToken(), isTokenValid() and resetToken().
saveToken() - generate the token key and save to request/session attribute.
isTokenValid() - validate submitted token key against the 1 store in request/session.
resetToken() - reset the token key

Example :
Step 1.
Action Class where saveToken() before JSP Page.
First saveToken() then forward to your jsp.
Upon loading the form, invokes saveToken() on the action class to create and store the token key. Struts will store the generated key in request/session.

public class LoadAction extends Action
{
public ActionForward execute(ActionMapping mapping,ActionForm form,HttpServletRequest request,HttpServletResponse response)
{    ActionForward forward;
     forward=mapping.findForward("FirstPage");// this is the jsp page where you want to struts tokens.
     saveToken(request);

     return forward;
}
}

Step 2.
If the token successfully created, when view source on the browser you will see the token, the token key is stored as a hidden field:
In jsp page :

<%@ page import="org.apache.struts.action.Action"%>
<%@ page import="org.apache.struts.taglib.html.Constants"%>

<%@ taglib uri="/WEB-INF/struts-tiles.tld" prefix="tiles" %>
<%@ taglib uri="/WEB-INF/struts-html.tld" prefix="html" %>
<%@ taglib uri="/WEB-INF/struts-bean.tld" prefix="bean" %>
<%@ taglib uri="/WEB-INF/struts-logic.tld" prefix="logic" %>
<html>
<head> <title> First Page </title> </head>

<body>
<form name="MyForm" method="post" action="/dpsubm/getForm/submit.do">
<input type="text" name="name" >
<input type="hidden" name="<%= Constants.TOKEN_KEY %>"
value="<%= session.getAttribute(Action.TRANSACTION_TOKEN_KEY) %>" >
<input type="submit" value="submit">
</form>
</body>
</html>

Step 3. Your logic
Once the form submitted, invokes isTokenValid() on the action class, it will validate the submitted token key(hidden field) with the token key stored previously on request/session. If match, it will return true.

public class SubmitAction extends Action
{
    public ActionForward execute(ActionMapping mapping ,ActionForm form ,HttpServletRequest request,HttpServletResponse response)
    {
        ActionForward forward=mapping.findForward("submitForm");
        DupSubmitForm frm=(DupSubmitForm)form;

        if(isTokenValid(request))
        {

            System.out.println("frm.getName()"+frm.getName());
            resetToken(request);
        }
        else
        {
            System.out.println("frm.getName()"+frm.getName());
            System.out.println("Duplicate Submission of the form");

        }
        return forward;
    }
}

Suggested Jobs

More Jobs >>

Cick to view Full Details : dpsubm.zip

TechFAQ

Technology Expert Comments

Servlet Tutorials

Q.Mutli-click prevention using struts tokens with code example.

Suggested Jobs

	Q.Mutli-click prevention using struts tokens with code example.
	Struts has 3 methods use for the token, saveToken(), isTokenValid() and resetToken(). saveToken() - generate the token key and save to request/session attribute. isTokenValid() - validate submitted token key against the 1 store in request/session. resetToken() - reset the token key Example : Step 1. Action Class where saveToken() before JSP Page. First saveToken() then forward to your jsp. Upon loading the form, invokes saveToken() on the action class to create and store the token key. Struts will store the generated key in request/session. public class LoadAction extends Action { public ActionForward execute(ActionMapping mapping,ActionForm form,HttpServletRequest request,HttpServletResponse response) { ActionForward forward; forward=mapping.findForward("FirstPage");// this is the jsp page where you want to struts tokens. saveToken(request); return forward; } } Step 2. If the token successfully created, when view source on the browser you will see the token, the token key is stored as a hidden field: In jsp page : <%@ page import="org.apache.struts.action.Action"%> <%@ page import="org.apache.struts.taglib.html.Constants"%> <%@ taglib uri="/WEB-INF/struts-tiles.tld" prefix="tiles" %> <%@ taglib uri="/WEB-INF/struts-html.tld" prefix="html" %> <%@ taglib uri="/WEB-INF/struts-bean.tld" prefix="bean" %> <%@ taglib uri="/WEB-INF/struts-logic.tld" prefix="logic" %> <html> <head> <title> First Page </title> </head> <body> <form name="MyForm" method="post" action="/dpsubm/getForm/submit.do"> <input type="text" name="name" > <input type="hidden" name="<%= Constants.TOKEN_KEY %>" value="<%= session.getAttribute(Action.TRANSACTION_TOKEN_KEY) %>" > <input type="submit" value="submit"> </form> </body> </html> Step 3. Your logic Once the form submitted, invokes isTokenValid() on the action class, it will validate the submitted token key(hidden field) with the token key stored previously on request/session. If match, it will return true. public class SubmitAction extends Action { public ActionForward execute(ActionMapping mapping ,ActionForm form ,HttpServletRequest request,HttpServletResponse response) { ActionForward forward=mapping.findForward("submitForm"); DupSubmitForm frm=(DupSubmitForm)form; if(isTokenValid(request)) { System.out.println("frm.getName()"+frm.getName()); resetToken(request); } else { System.out.println("frm.getName()"+frm.getName()); System.out.println("Duplicate Submission of the form"); } return forward; } }	Suggested Jobs More Jobs >>
	Cick to view Full Details : dpsubm.zip