Struts2 prevents repeated submission, and struts2 prevents submission

Struts2 prevents repeated submission, and struts2 prevents submission

<? Xml version = "1.0" encoding = "UTF-8"?> <! DOCTYPE struts PUBLIC "-// Apache Software Foundation // DTD Struts Configuration 2.3 // EN" "http://struts.apache.org/dtds/struts-2.3.dtd"> <struts> <constant name = "struts. enable. dynamicMethodInvocation "value =" true "/> <constant name =" struts. devMode "value =" true "/> <package name =" default "namespace =" "extends =" struts-default "> <! -- Here is the interceptor configuration --> <interceptors> <interceptor name = "test" class = "com. test. interceptor. TestInterceptor"> </interceptor> <! -- Used to intercept only some methods --> <interceptor name = "function" class = "com. test. interceptor. functionInterceptor "> <param name =" includeMethods "> add </param> </interceptor> <interceptor-stack name =" myStack "> <interceptor-ref name =" test "/> <interceptor-ref name = "function"/> <interceptor-ref name = "token"/> <interceptor-ref name = "defaultStack"/> </interceptor-stack> </interceptors> <! -- Correct and wrong jump, respectively. input is the page that will jump after verification fails --> <action name = "data" class = "com. test. action. valideAction "> <interceptor-ref name =" myStack "> </interceptor-ref> <! -- Use the interceptor action --> <result name = "success">/result. jsp </result> <result name = "input">/login. jsp </result> <result name = "invalid. token ">/token_error.jsp </result> <! -- Methods to prevent repeated submission --> </action> <action name = "FunctionInterceptor" class = "com. test. action. valideAction "method =" add "> <interceptor-ref name =" myStack "> </interceptor-ref> <! -- Use the interceptor action --> <result name = "success">/result. jsp </result> <result name = "input">/login. jsp </result> <result name = "invalid. token ">/token_error.jsp </result> </action> <action name =" dele "class =" com. test. action. valideAction "method =" dele "> <interceptor-ref name =" myStack "> </interceptor-ref> <! -- Use the interceptor action --> <result name = "success">/result. jsp </result> <result name = "input">/login. jsp </result> <result name = "invalid. token ">/token_error.jsp </result> </action> </package> </struts>

The above is the code in struts. xml. The main code is:

<Result name = "invalid. token">/token_error.jsp </result>

Such a paragraph.

<% @ Page language = "java" contentType = "text/html; charset = UTF-8 "pageEncoding =" UTF-8 "%> <% @ taglib uri ="/struts-tags "prefix =" s "%> <! DOCTYPE html PUBLIC "-// W3C // dtd html 4.01 Transitional // EN" "http://www.w3.org/TR/html4/loose.dtd"> 

Add the following paragraph to the JSP page: <s: token> </s: token> <! -- To prevent repeated submission, add this line -->

This prevents repeated submissions.



How does struts2 prevent repeated submission?
I copied =

1. Redirection: display the address in the address bar as the final address.
2. disable Client Refresh: control by using JS, disable the refresh function, and clear access history;
3. Struts built-in method (token): the server issues a one-time token. The server sends a token to the client for each request. After the client submits the token, check the token, if this token is used for the first time, OK; otherwise, the system prompts repeated submission.
There are several related methods in Action:
SaveToken (request): generates a new token and saves it to the client's request object.
IsTokenValid (request, true): checks whether the client token is used for the first time and invalidates the token.
ResetToken (request): resets the token of the client.

Use struts2 token to prevent repeated submission of refreshed pages
Hello, the answer below is to copy it from someone else. I am not sure if it is helpful to you !!

In struts, Token can be used to solve the problem of repeated submission. Principle: Before processing client requests, the server compares the token value contained in the request with the token value saved in the current session to check whether the request matches. After the request is processed and the information reaches the client, a new token is generated. The token value will replace the token value in the current session and be uploaded to the client. In this way, if you roll back to the submission page and submit again, the token passed by the client is inconsistent with the token value in the service, effectively preventing the submission. Implementation: first, create and save a token saveToken (request) in the pre-added Action's execute () method. function: Create a new token value, and save it to the current session. If the HttpSession object does not exist, create this object first. The pre-added Action uploads the token to the added page as a hidden domain. After the AddAction is submitted to the add page, in the execute () method: first, determine whether the token value in the current session is consistent with the token value in the request: isTokenValid (request) if they are not consistent, an error message is provided and the token value is refreshed through saveToken (request. If they are consistent, execute the SQL statement to save (ADD), and then delete the token in the current session through the resetToken (request) method.