this is the configuration of struts:
<interceptors>
<interceptor-stack name="packStack">
<interceptor-ref name="token" />
<interceptor-ref name="defaultStack" />
</interceptor-stack>
</interceptors>
<default-interceptor-ref name="packStack" />
and i got this warning and token interceptor is not blocking the duplicate submission of requests.
WARNING: Could not find token name in params.
i have searched the web and so many forums. how to solve this?? i have tried changing the order of the interceptors and at last i have arranged like above.
Use the <s:token> tag, otherwise there won't be a token parameter, sort of like the message says.
Related
I am trying to validate the content types of uploading files using accept attribute but it seem to be not working.
Here is my code.
<s:file theme="simple" name="fileUpload" accept="image/jpeg"/>
i also tried
<s:file theme="simple" name="fileUpload" accept="image/*"/>
Both are not working what could be the problem?
The HTML accept attribute is not supported in IE and Safari. You can define allowed mime types in struts.xml for you file upload action like that:
<action name="..." class="...">
<interceptor-ref name="defaultStack">
<param name="fileUpload.allowedTypes">image/jpeg</param>
</interceptor-ref>
<result>...</result>
</action>
See others parameters you can configure in fileUpload interceptor.
In struts2 I am writing an app where I need to make sure that the url redirection works the same whether or not there is a trailing slash at the end.
E.g. example.com/app should behave same way as if user entered example.com/app/. Currently I changed mapping in struts.xml like so -
<struts>
<package name="default" namespace="/" extends="secure">
<interceptors> ... <interceptors>
<action name="app">
<result type="redirectAction">/app/</result>
</action>
</package>
</struts>
and
<struts>
<package name="app" namespace="/app" extends="secure">
<interceptors> ... <interceptors>
<action name="" class="com.example.action.app.LoginAction" method="display">
<interceptor-ref name="store">
<param name="operationMode">RETRIEVE</param>
</interceptor-ref>
<interceptor-ref name="basic" />
<result type="redirectAction">home</result>
<result name="display">/jsp/base/content/login/loginForm.jsp</result>
</action>
</package>
</struts>
But this seems hackish since if I go to example.com/app it will show example.com//app/.html in the URL.
Any help appreciated.
Answer was derived in comments under the answer.
Quaternion:
Personally I would write all my urls with out the trailing slash...
and then I would use something external to the application to rewrite
urls as appropriate, perhaps iptables could determine if there is a
trailing slash and if so always strip it.
Mohana Rao SV:
As suggested above follow without tailing slash. And override
StrutsPrepareAndExecuteFilter one of the filter job is from the url it
has to identify the namespace and action name and invoke respective
action. So here remove tailing slash from url.
Quaternion:
In namespace "/" you have an action called app. That is all there is
to it to invoke CONTEXT_ROOT/app (that is what struts2 expects), you
don't ever expect to see a "/" on the end of the url, so you want to
find a method that parses the url before struts2 resolves the mapping.
What you have described only requires something to remove a trailing
"/" if it exists. I'd look to iptables because I've used it before or
some other url rewriter... Mahana would keep it all part of the web
app and use a filter, methods differ but the effect is the same.
Im trying to make it so that once i submit this form i cannot hit the back button, but with the current configuration I cannot even get the page/form to load. I can't seem to figure out why "invalid.token" is always being triggered thus redirecting me to index.jsp no matter what I have the token tag in my form like im supposed to. If i use the "excludeMethods" filter and exclude View then my page loads but I can hit the back button freely so it still does not work properly. I have tried moving the interceptor-ref above and below my noLoginStack but it dosen't make a difference. Based on my debugging my actual java class isn't even being hit, so its failing before then. What am I doing wrong?
My action declaration:
<action name="viewAppointmentLetter" class="edu.ucr.c3.rsummer.controller.instructor.ManageAppointmentLetters">
<interceptor-ref name="noLoginStack"/>
<interceptor-ref name="token" />
<result name="invalid.token">/index.jsp</result>
<result name="error" type="redirectAction">index.do</result>
<result name="input">/instructor/assigned_appts.jsp</result>
<result name="view">/instructor/assigned_appts.jsp</result>
<result type="redirectAction">index.do</result>
</action>
My assigned_appts.jsp:
<s:form action="saveAppointmentLetter" onsubmit="return verifySubmit();">
<s:token name="token" />
.....
</s:form>
If its any clue I always get this in my console
WARN org.apache.struts2.util.TokenHelper - Could not find token name in params.
In struts2 the order of interceptor is very important. you should follow this order.
<interceptor-ref name="token"/>
<interceptor-ref name="noLoginStack"/>
USe TokenSession interceptor.Had to handle result by result name="invalid.token" in struts.xml in specific action.
The page from which your action is generated at that page you have to write <s:token> tag in the header
I use struts 2.1.8, I use <s:token> between <s:form> and </s:form>
in my struts.xml like that
............
<package name="user" namespace="/user" extends="struts-default">
<action name="login"class="user.UserAction">
<result type="tiles">login.view</result>
<interceptor-ref name="token"/>
<interceptor-ref name="basicStack"/>
<result name="invalid.token">/pages/error.jsp</result>
</action>
</package>
...............
at the first time, I run login.do action, I alway get error page. Plz give to me some suggestions thank in advance.
You need to add parameter to exclude method on which you dont want to apply interceptor
for example at the very first run I used populate method to populate my page
<interceptor-ref name="token">
<param name="excludeMethods">populate</param>
</interceptor-ref>
if you have more than one method than you can use comma to separate methods
<interceptor-ref name="token">
<param name="excludeMethods">populate,add,save,anyothermethod</param>
</interceptor-ref>
Best Luck !
Regards,
Asit Jaiswal
The problem is that your token is due.
If you choose to ignore the method, then you don't need to add the token tag
I use Token Session to prevent duplicate form submits, but the first time I make a request to server, I always get error page
<action name="show" class="ClientAction">
<interceptor-ref name="tokenSession" />
<interceptor-ref name="basicStack" />
<result name="invalid.token">/WEB-INF/error.jsp</result>
result type="tiles" name="success">page.view</result>
</action>
"<s:token />" was added to may success page between <s:form> and </s:form>, but it doesn't run correctly.
plz help me to solve them, is there another way prevent duplicate form submits. I wait for suggestion, thank u very much. : )
It seems that you are not using proper interceptor name. If you want to use the session token, it is token-session.
try using token-session instead of tokenSession.
Hope that helps.
tag <s:token /> must be inserted into form which is double-submitted, not into success form. If token tag is missing, interceptor resolve the submitted request as invalid even if it's the first attempt.