复习中.......关于Struts的Token checker
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts.action.Action;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.taglib.html.Constants;
/*
流程
1. A.jsp
2. A.do : saveToken(request) 到 request 和 Session
3. B.jsp : 产生隐藏域存储Token
4. B.do : isTokenValid(request)进行Token验证,并根据结果产生相应动作
*/
public class MyAction extends Action {
public ActionForward execute(ActionMapping mapping, ActionForm form,
HttpServletRequest request, HttpServletResponse response) {
// "org.apache.struts.taglib.html.TOKEN"
System.out.println("TOKEN = " + request.getParameter(Constants.TOKEN_KEY);
if (isTokenValid(request)) {
// do something
} else {
// do another thing
}
// saveToken(request);
}
}
|
阅读(706) | 评论(0) | 转发(0) |