uk.ac.ebi.intenz.webapp.utilities
Class ControlFlowToken
java.lang.Object
uk.ac.ebi.intenz.webapp.utilities.ControlFlowToken
public class ControlFlowToken
- extends Object
This class provides a mechanism to guarantee correct control flow, that is using "back" or "reload" buttons of
a browser do not lead to unwanted behaviour.
This is achieved by storing a unique token in the session and request when accessing a servlets service() method.
The resulting pages of a servlet response contain the token by accessing it via the request object. Pressing
the "back" or "reload" button leads to already generated pages with different tokens, therefore a subsequent
processing action by a servlet will encounter the difference when comparing the token of the request with token of
the current session and permit this transaction.
- Version:
- $Revision: 1.2 $ $Date: 2008/01/28 12:33:09 $
- Author:
- Michael Darsow
|
Method Summary |
static boolean |
isValid(javax.servlet.http.HttpServletRequest req)
Returns true if the token is valid (request token == session token). |
static void |
setToken(javax.servlet.http.HttpServletRequest req,
Long enzymeId)
Sets a control flow token in the session and in the request. |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
ControlFlowToken
public ControlFlowToken()
setToken
public static void setToken(javax.servlet.http.HttpServletRequest req,
Long enzymeId)
- Sets a control flow token in the session and in the request.
The token is a kind of checksum (MD5 message digest, part of java.security).
- Parameters:
req - The request object.
isValid
public static boolean isValid(javax.servlet.http.HttpServletRequest req)
- Returns true if the token is valid (request token == session token).
- Parameters:
req - The request object.
- Returns:
- see above.
Copyright © 2013 EMBL-EBI. All Rights Reserved.