Return true if there is a transaction token stored in the user's current session, and the value submitted as a request parameter with this action matches it. Returns false under any of the following circumstances:
* No session associated with this request * No transaction token saved in the session * No transaction token included as a request parameter * The included transaction token value does not match the transaction token in the user's session
my questions are: let us say if the user first makes a request, obviously the request would come through because there is a valid session associated with the request,
but what if the user clicks the submit button on the JSP form more than once, what value would isTokenValid() then return? can somebdoy expalins to me? also, do I have to call the saveToken(request) if the token is saved, does that mean there is a new token in the session, and the next time a user presses "submit" button on the form, it will be compared with the newest token? also, can some body explain what is a "request parameter" please let me know
Many Thanks...!! I really appreciate all your help
What are you doing? You are supposed to be reading this tiny ad!
the new thread boost feature brings a LOT of attention to your favorite threads