java - how to manage session attributes due to post requests, and history -

-

i have following problem:

i want send information between modules (different controllers) using post due security reasons. logic has been this:

user searches > clicks on specific item > sends form post request controller > controller shows view of specific item > user clicks on sub-item page > sends form post request sub-item's controller

however, because of how post works out, it's giving me "webpage has expired" messages when going subitem page item page.

my solution problem save these parameter(s) in java's httpsession, post. not particularly sure how go @ it.

for example here snippets of code (for record i'm using thymeleaf view resolver):

search.html snippet

<tr th:each="customer:${results.pagelist}">    <td>        <form method="post" id="gotouser" name="gotouser" action="/customer/">            <input type="hidden" name="acctcustnbr" th:value="${customer.acctcustnbr}"/>             <a href="javascript:;" onclick="javascript:document.getelementbyid('gotouser').submit();"                 th:text="${customer.acctcustnbr}">000010</a>        </form>    </td>  <!-and on-->

customer (or item, in example) controller receives request:

@requestmapping(value = "/customer/", method = requestmethod.post) public string getcustomer(@requestparam(value = "acctcustnbr", required = false) string acctcustnbr,                           model model,                           httpsession session) {     boolean error = false;     string errormsg;     logger.info("acctcustnbr obtained >" + acctcustnbr + "<");     if(acctcustnbr==null){         acctcustnbr = (string) session.getattribute("acctcustnbr");     }     else         session.setattribute("acctcustnbr", acctcustnbr);      /*service methods , model additions*/

now how past initial stage? seems sub-item's controller can obtain session attribute fine, hitting on browser still opens dreaded expiration alert.

my logic if user hitting button /customer/ page send acctcustnbr==null. i'm wrong because doesn't work.

so question is, doing wrong here?

solution @skirsch

i renamed controller method this:

@requestmapping(value = "/customer/", method = requestmethod.get) public string getcustomer(model model, httpsession session) {     boolean error = false;     string errormsg;     /** service invocations , stuff**/

and added one:

@requestmapping(value = "/customer1/", method = requestmethod.post) public string storeacctcustnbrinsession(@requestparam(value = "acctcustnbr", required = false) string acctcustnbr,                                         model model, httpsession session) {     session.setattribute("acctcustnbr", acctcustnbr);     return "redirect:/customer/"; }

you need redirect browser place after storing data in session. other place be

@requestmapping(value = "/customer/", method = requestmethod.get) public string getcustomerfromsessionvalue(model model, httpsession session) { ... }

as redirect using method, won't experience "dreaded expiration alert".
see redirect after post


Comments

Post a Comment

Popular posts from this blog

android - getbluetoothservice() called with no bluetoothmanagercallback -

-
i getting getbluetoothservice() called no bluetoothmanagercallback error in android application. i have no idea causing or bluetooth manager callbacks. can give me idea of causing problem or start looking. by reading android source code, seems warning cannot about. source code shows if call bluetoothsocket#connect(); then call bluetoothadapter.getdefaultadapter().getbluetoothservice(null); the key here, null parameter passes in above line. due this, there no callback, , bluetoothsocket class throw out warning. since warning, not think need it. https://android.googlesource.com/platform/frameworks/base/+/master/core/java/android/bluetooth/bluetoothsocket.java line 306 https://android.googlesource.com/platform/frameworks/base/+/master/core/java/android/bluetooth/bluetoothadapter.java line 1610
Read more

sql - ASP.NET SqlDataSource, like on SelectCommand -

-
i'm working on asp.net. have sqldatasource query hardcoded on selectcommand: <asp:sqldatasource id="datasource1" runat="server" cancelselectonnullparameter="false" connectionstring="<%$ connectionstrings:s.properties.settings.connectionstring %>" selectcommand="select * [table] ([col1] case @col1_param when null col1 else @col1_param end) , ([col2] case @col2_param when null col2 else @col2_param end)" selectcommandtype="text"> <selectparameters> <asp:controlparameter controlid="textbox1" name="col1_param" propertyname="text" type="string" /> <asp:controlparameter controlid="textbox2" name="col2_param" propertyname="text" type="string" /> </selectparameters> what want if enter data on 1 textbox only, data display according textbox
Read more

ios - Undefined symbols for architecture armv7: "_OBJC_CLASS_$_SSZipArchive" -

-
i try using extractzipfile plugin @ this: https://github.com/phonegap/phonegap-plugins/tree/master/ios/extractzipfile but when compiler xcode 4.6.1 in sdk 6.1 throws error: undefined symbols architecture i386: "_objc_class_$_ssziparchive", referenced from: objc-class-ref in extractzipfileplugin.o ld: symbol(s) not found architecture i386 clang: error: linker command failed exit code 1 (use -v see invocation) i try issue @ here: undefined symbols architecture armv7 ssziparchive but shows error: /users/alienware/desktop/extractzipfile/ssziparchive/tests/ssziparchivetests.m:10:9: 'sentestingkit/sentestingkit.h' file not found i work phonegap , make app in ios, dump. update : try add ssziparchive.m compiler source , come new error: undefined symbols architecture i386: "_unzclose", referenced from: +[ssziparchive unzipfileatpath:todestination:overwrite:password:error:delegate:] in ssziparchive.o "_unzclosecurrentfil
Read more