View Javadoc

1   /*
2    * $Id: Token.java 497654 2007-01-19 00:21:57Z rgielen $
3    *
4    * Licensed to the Apache Software Foundation (ASF) under one
5    * or more contributor license agreements.  See the NOTICE file
6    * distributed with this work for additional information
7    * regarding copyright ownership.  The ASF licenses this file
8    * to you under the Apache License, Version 2.0 (the
9    * "License"); you may not use this file except in compliance
10   * with the License.  You may obtain a copy of the License at
11   *
12   *  http://www.apache.org/licenses/LICENSE-2.0
13   *
14   * Unless required by applicable law or agreed to in writing,
15   * software distributed under the License is distributed on an
16   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17   * KIND, either express or implied.  See the License for the
18   * specific language governing permissions and limitations
19   * under the License.
20   */
21  package org.apache.struts2.components;
22  
23  import java.util.Map;
24  
25  import javax.servlet.http.HttpServletRequest;
26  import javax.servlet.http.HttpServletResponse;
27  
28  import org.apache.struts2.views.annotations.StrutsTag;
29  import org.apache.struts2.util.TokenHelper;
30  
31  import com.opensymphony.xwork2.util.ValueStack;
32  
33  /***
34   * <!-- START SNIPPET: javadoc -->
35   * Stop double-submission of forms.</p>
36   *
37   * The token tag is used to help with the "double click" submission problem. It is needed if you are using the
38   * TokenInterceptor or the TokenSessionInterceptor. The s:token tag merely places a hidden element that contains
39   * the unique token.</p>
40   * <!-- END SNIPPET: javadoc -->
41   *
42   * <p/> <b>Examples</b>
43   *
44   * <pre>
45   * <!-- START SNIPPET: example -->
46   * &lt;s:token /&gt;
47   * <!-- END SNIPPET: example -->
48   * </pre>
49   *
50   * @see org.apache.struts2.interceptor.TokenInterceptor
51   * @see org.apache.struts2.interceptor.TokenSessionStoreInterceptor
52   *
53   */
54  @StrutsTag(name="token", tldTagClass="org.apache.struts2.views.jsp.ui.TokenTag", description="Stop double-submission of forms")
55  public class Token extends UIBean {
56  
57      public static final String TEMPLATE = "token";
58  
59      public Token(ValueStack stack, HttpServletRequest request, HttpServletResponse response) {
60          super(stack, request, response);
61      }
62  
63      protected String getDefaultTemplate() {
64          return TEMPLATE;
65      }
66  
67      /***
68       * First looks for the token in the PageContext using the supplied name (or {@link org.apache.struts2.util.TokenHelper#DEFAULT_TOKEN_NAME}
69       * if no name is provided) so that the same token can be re-used for the scope of a request for the same name. If
70       * the token is not in the PageContext, a new Token is created and set into the Session and the PageContext with
71       * the name.
72       */
73      protected void evaluateExtraParams() {
74          super.evaluateExtraParams();
75  
76          String tokenName;
77          Map parameters = getParameters();
78  
79          if (parameters.containsKey("name")) {
80              tokenName = (String) parameters.get("name");
81          } else {
82              if (name == null) {
83                  tokenName = TokenHelper.DEFAULT_TOKEN_NAME;
84              } else {
85                  tokenName = findString(name);
86  
87                  if (tokenName == null) {
88                      tokenName = name;
89                  }
90              }
91  
92              addParameter("name", tokenName);
93          }
94  
95          String token = buildToken(tokenName);
96          addParameter("token", token);
97          addParameter("tokenNameField", TokenHelper.TOKEN_NAME_FIELD);
98      }
99  
100     /***
101      * This will be removed in a future version of Struts.
102      * @deprecated Templates should use $parameters from now on, not $tag.
103      */
104     public String getTokenNameField() {
105         return TokenHelper.TOKEN_NAME_FIELD;
106     }
107 
108     private String buildToken(String name) {
109         Map context = stack.getContext();
110         Object myToken = context.get(name);
111 
112         if (myToken == null) {
113             myToken = TokenHelper.setToken(name);
114             context.put(name, myToken);
115         }
116 
117         return myToken.toString();
118     }
119 }