|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object | +--org.apache.struts.util.TokenProcessor
TokenProcessor is responsible for handling all token related functionality. The methods in this class are synchronized to protect token processing from multiple threads. Servlet containers are allowed to return a different HttpSession object for two threads accessing the same session so it is not possible to synchronize on the session.
Field Summary | |
private static TokenProcessor |
instance
The singleton instance of this class. |
private long |
previous
The timestamp used most recently to generate a token value. |
Constructor Summary | |
protected |
TokenProcessor()
Protected constructor for TokenProcessor. |
Method Summary | |
java.lang.String |
generateToken(javax.servlet.http.HttpServletRequest request)
Generate a new transaction token, to be used for enforcing a single request for a particular transaction. |
static TokenProcessor |
getInstance()
Retrieves the singleton instance of this class. |
boolean |
isTokenValid(javax.servlet.http.HttpServletRequest request)
Return true if there is a transaction token stored in
the user's current session, and the value submitted as a request
parameter with this action matches it. |
boolean |
isTokenValid(javax.servlet.http.HttpServletRequest request,
boolean reset)
Return true if there is a transaction token stored in
the user's current session, and the value submitted as a request
parameter with this action matches it. |
void |
resetToken(javax.servlet.http.HttpServletRequest request)
Reset the saved transaction token in the user's session. |
void |
saveToken(javax.servlet.http.HttpServletRequest request)
Save a new transaction token in the user's current session, creating a new session if necessary. |
private java.lang.String |
toHex(byte[] buffer)
Convert a byte array to a String of hexadecimal digits and return it. |
Methods inherited from class java.lang.Object |
|
Field Detail |
private static TokenProcessor instance
private long previous
Constructor Detail |
protected TokenProcessor()
Method Detail |
public static TokenProcessor getInstance()
public boolean isTokenValid(javax.servlet.http.HttpServletRequest request)
true
if there is a transaction token stored in
the user's current session, and the value submitted as a request
parameter with this action matches it. Returns false
under any of the following circumstances:
request
- The servlet request we are processingpublic boolean isTokenValid(javax.servlet.http.HttpServletRequest request, boolean reset)
true
if there is a transaction token stored in
the user's current session, and the value submitted as a request
parameter with this action matches it. Returns false
request
- The servlet request we are processingreset
- Should we reset the token after checking it?public void resetToken(javax.servlet.http.HttpServletRequest request)
request
- The servlet request we are processingpublic void saveToken(javax.servlet.http.HttpServletRequest request)
request
- The servlet request we are processingpublic java.lang.String generateToken(javax.servlet.http.HttpServletRequest request)
request
- The request we are processingprivate java.lang.String toHex(byte[] buffer)
buffer
- The byte array to be converted
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |