Sunday, September 20, 2015

Overcome duplicate form submission in Struts

There are three parts of Struts code involved in validating user fields:
1) Form Bean
2) Form Action
3) Submit Action

With appropriate use of tokens in these classes we can avoid duplicate form submission, a vector for Cross Site Request Forgery (CSRF or XSRF).

Where to use the token:
1) Inside Form Bean:
   Right after instantiating ActionErrors inside the validate() method, write the lines below (the parameter name is the hidden field that the Struts <html:form> tag renders):

   String token = request.getParameter("org.apache.struts.taglib.html.TOKEN");
   if (token != null) {
       // write your validation code here
   }
2) Inside Form Action:
    Right after instantiating the form bean, put the line below (it stores a fresh token in the session so the form page can emit it):
         saveToken(request);

3) Now, the turn of the Submit Action:
     if (isTokenValid(request)) {
         // write all your validation code here
     }
    Close the if block and put a suitable redirect in case validation fails (a request without a matching session token is a repeat submit or a forged request, so it must not be processed).

4) The remaining configuration needed now:
 > Make an entry for the redirection in the struts-config.xml file in case the validation fails.
 > Create a JSP with the error message and make an entry for this JSP in tiles.xml.
    One simple example of error.jsp:
    Unable to access the page you are looking for.
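The two actions from steps 2 and 3 wired together with the Struts 1 token API, as an added example that is not code from the original post; the class names, forward names and the error page path are assumed:

```java
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

// Step 2 (assumed name): the action that renders the form seeds a token in the
// session; the <html:form> tag then writes it out as the hidden field
// org.apache.struts.taglib.html.TOKEN.
class ShowTransferFormAction extends Action {
    public ActionForward execute(ActionMapping mapping, ActionForm form,
                                 HttpServletRequest request, HttpServletResponse response) {
        saveToken(request);
        return mapping.findForward("form");
    }
}

// Step 3 (assumed name): the submit action processes the request only when the
// posted token matches the one held in the session.
class SubmitTransferAction extends Action {
    public ActionForward execute(ActionMapping mapping, ActionForm form,
                                 HttpServletRequest request, HttpServletResponse response) {
        // The second argument resets the session token on success, so a repeat
        // of the same POST (double click, back button, replayed request) and a
        // cross-site request that cannot know the token both end up here.
        if (!isTokenValid(request, true)) {
            return mapping.findForward("tokenFailure");
        }
        // ... process the validated form bean here ...
        return mapping.findForward("success");
    }
}

// Matching struts-config.xml entries for step 4 (assumed paths):
//
//   <action path="/showTransfer" type="ShowTransferFormAction">
//       <forward name="form" path="/transfer.jsp"/>
//   </action>
//   <action path="/submitTransfer" type="SubmitTransferAction"
//           name="transferForm" scope="request" validate="true" input="/transfer.jsp">
//       <forward name="success" path="/done.jsp"/>
//       <forward name="tokenFailure" path="/error.jsp"/>
//   </action>
```

If the form is rendered through Tiles, the tokenFailure forward should point at the tiles.xml definition that wraps error.jsp instead of the raw path.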
