How to avoid muti-committing a form inSTRUTS?

Discussion in 'Java' started by rayzyang@gmail.com, Mar 5, 2007.

  1. Guest

    as the topic.I built a user-registering system by struts.For
    optimizing,I need to add a usage that can avoid commit the register
    form for muti times.I knew a little about the Token class ,and
    actually used it ,sadly,I failed.I hope I can find help here for
    resolving my problem.Thanks!
    , Mar 5, 2007
    #1
    1. Advertising

  2. Lew Guest

    wrote:
    > as the topic.I built a user-registering system by struts.For
    > optimizing,I need to add a usage that can avoid commit the register
    > form for muti times.I knew a little about the Token class ,and
    > actually used it ,sadly,I failed.I hope I can find help here for
    > resolving my problem.Thanks!


    I don't know what the Token class is, but the standard technique to handle
    reposts is called sometimes the "Token Pattern". The name comes not from a
    class "Token" but from an arbitrary object, often a String, used as a token, a
    marker for something.

    The defense against applying the same transaction multiple times is to enforce
    "idempotency" - the property that a transaction only has effect the first time
    it's applied.

    In the case of a form POST, you place a token, let's say a string with the
    name of the form, in the session the first time you generate the page. In the
    handler for the form submit, check for the token, that is, the string with the
    identifier of the form (could also be a GUID like a hexadecimal string) in the
    session.

    String token = (String) session.getAttribute( "token" );

    If the token is in the session the handler is allowed to apply the
    transaction. First, it must remove the token

    session.removeAttribute( "token" );

    then perform the business logic.

    If the handler is invoked again before a new page is generated, the check for
    the token in the session will return null. In that case do not perform the
    business logic. That way the handler only performs business logic once per
    screen no matter how many times the same submit hits it.

    Your logic is then "idempotent".

    GIYF.
    So is Wikipedia.
    <http://en.wikipedia.org/wiki/Idempotence_%28computer_science%29>

    -- Lew
    Lew, Mar 6, 2007
    #2
    1. Advertising

  3. Guest

    On 3ÔÂ6ÈÕ, ÏÂÎç12ʱ53·Ö, Lew <..com> wrote:
    > wrote:
    > > as the topic.I built a user-registering system by struts.For
    > > optimizing,I need to add a usage that can avoid commit the register
    > > form for muti times.I knew a little about the Token class ,and
    > > actually used it ,sadly,I failed.I hope I can find help here for
    > > resolving my problem.Thanks!

    >
    > I don't know what the Token class is, but the standard technique to handle
    > reposts is called sometimes the "Token Pattern". The name comes not from a
    > class "Token" but from an arbitrary object, often a String, used as a token, a
    > marker for something.
    >
    > The defense against applying the same transaction multiple times is to enforce
    > "idempotency" - the property that a transaction only has effect the first time
    > it's applied.
    >
    > In the case of a form POST, you place a token, let's say a string with the
    > name of the form, in the session the first time you generate the page. In the
    > handler for the form submit, check for the token, that is, the string with the
    > identifier of the form (could also be a GUID like a hexadecimal string) in the
    > session.
    >
    > String token = (String) session.getAttribute( "token" );
    >
    > If the token is in the session the handler is allowed to apply the
    > transaction. First, it must remove the token
    >
    > session.removeAttribute( "token" );
    >
    > then perform the business logic.
    >
    > If the handler is invoked again before a new page is generated, the check for
    > the token in the session will return null. In that case do not perform the
    > business logic. That way the handler only performs business logic once per
    > screen no matter how many times the same submit hits it.
    >
    > Your logic is then "idempotent".
    >
    > GIYF.
    > So is Wikipedia.
    > <http://en.wikipedia.org/wiki/Idempotence_%28computer_science%29>
    >
    > -- Lew

    Lew,
    Thanks for replying, how about GET form ?It seems your "Token" doesn't
    work....
    Struts disposes this problem well with the Action class method
    saveToken()\isTokenValid()\resetToken(),and I didn't do well with
    it.Is there anything that should be noticed?
    , Mar 9, 2007
    #3
  4. Lew Guest

    wrote:
    > Thanks for replying, how about GET form ?It seems your "Token" doesn't
    > work....


    Usually one avoids GETs with Struts applications. In a non-Struts context the
    token pattern works just as well with GETs.

    Of course, that would be incorrect to do. You are not supposed to use GET for
    anything that performs state changes, so there would be no need for
    idempotency anyway.

    > Struts disposes this problem well with the Action class method
    > saveToken()\isTokenValid()\resetToken(),and I didn't do well with
    > it.Is there anything that should be noticed?


    I am not familiar with these methods. What to their API docs say?

    I use session.setAttribute( "token", someObject ) and
    session.removeAttribute( "token" ).

    -- Lew
    Lew, Mar 9, 2007
    #4
  5. Guest

    On 3ÔÂ9ÈÕ, ÏÂÎç10ʱ11·Ö, Lew <..com> wrote:
    > wrote:
    > > Thanks for replying, how about GET form ?It seems your "Token" doesn't
    > > work....

    >
    > Usually one avoids GETs with Struts applications. In a non-Struts context the
    > token pattern works just as well with GETs.
    >
    > Of course, that would be incorrect to do. You are not supposed to use GET for
    > anything that performs state changes, so there would be no need for
    > idempotency anyway.
    >
    > > Struts disposes this problem well with the Action class method
    > > saveToken()\isTokenValid()\resetToken(),and I didn't do well with
    > > it.Is there anything that should be noticed?

    >
    > I am not familiar with these methods. What to their API docs say?
    >
    > I use session.setAttribute( "token", someObject ) and
    > session.removeAttribute( "token" ).
    >
    > -- Lew

    Your opinion is reasonable,may be the Struts API way doesn't go
    well,since I'd never worked out with it yet.

    , Mar 12, 2007
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Replies:
    5
    Views:
    291
  2. John
    Replies:
    2
    Views:
    1,157
  3. Replies:
    0
    Views:
    1,910
  4. Amit Jain
    Replies:
    0
    Views:
    315
    Amit Jain
    May 19, 2009
  5. pow67

    muti page content

    pow67, Nov 24, 2003, in forum: Javascript
    Replies:
    0
    Views:
    88
    pow67
    Nov 24, 2003
Loading...

Share This Page