View Javadoc

1   /*
2    * $Id: Token.java 651946 2008-04-27 13:41:38Z apetrelli $
3    *
4    * Licensed to the Apache Software Foundation (ASF) under one
5    * or more contributor license agreements.  See the NOTICE file
6    * distributed with this work for additional information
7    * regarding copyright ownership.  The ASF licenses this file
8    * to you under the Apache License, Version 2.0 (the
9    * "License"); you may not use this file except in compliance
10   * with the License.  You may obtain a copy of the License at
11   *
12   *  http://www.apache.org/licenses/LICENSE-2.0
13   *
14   * Unless required by applicable law or agreed to in writing,
15   * software distributed under the License is distributed on an
16   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17   * KIND, either express or implied.  See the License for the
18   * specific language governing permissions and limitations
19   * under the License.
20   */
21  
22  package org.apache.struts2.components;
23  
24  import java.util.Map;
25  
26  import javax.servlet.http.HttpServletRequest;
27  import javax.servlet.http.HttpServletResponse;
28  
29  import org.apache.struts2.views.annotations.StrutsTag;
30  import org.apache.struts2.util.TokenHelper;
31  
32  import com.opensymphony.xwork2.util.ValueStack;
33  
34  /***
35   * <!-- START SNIPPET: javadoc -->
36   * Stop double-submission of forms.</p>
37   *
38   * The token tag is used to help with the "double click" submission problem. It is needed if you are using the
39   * TokenInterceptor or the TokenSessionInterceptor. The s:token tag merely places a hidden element that contains
40   * the unique token.</p>
41   * <!-- END SNIPPET: javadoc -->
42   *
43   * <p/> <b>Examples</b>
44   *
45   * <pre>
46   * <!-- START SNIPPET: example -->
47   * &lt;s:token /&gt;
48   * <!-- END SNIPPET: example -->
49   * </pre>
50   *
51   * @see org.apache.struts2.interceptor.TokenInterceptor
52   * @see org.apache.struts2.interceptor.TokenSessionStoreInterceptor
53   *
54   */
55  @StrutsTag(name="token", tldTagClass="org.apache.struts2.views.jsp.ui.TokenTag", description="Stop double-submission of forms")
56  public class Token extends UIBean {
57  
58      public static final String TEMPLATE = "token";
59  
60      public Token(ValueStack stack, HttpServletRequest request, HttpServletResponse response) {
61          super(stack, request, response);
62      }
63  
64      protected String getDefaultTemplate() {
65          return TEMPLATE;
66      }
67  
68      /***
69       * First looks for the token in the PageContext using the supplied name (or {@link org.apache.struts2.util.TokenHelper#DEFAULT_TOKEN_NAME}
70       * if no name is provided) so that the same token can be re-used for the scope of a request for the same name. If
71       * the token is not in the PageContext, a new Token is created and set into the Session and the PageContext with
72       * the name.
73       */
74      protected void evaluateExtraParams() {
75          super.evaluateExtraParams();
76  
77          String tokenName;
78          Map parameters = getParameters();
79  
80          if (parameters.containsKey("name")) {
81              tokenName = (String) parameters.get("name");
82          } else {
83              if (name == null) {
84                  tokenName = TokenHelper.DEFAULT_TOKEN_NAME;
85              } else {
86                  tokenName = findString(name);
87  
88                  if (tokenName == null) {
89                      tokenName = name;
90                  }
91              }
92  
93              addParameter("name", tokenName);
94          }
95  
96          String token = buildToken(tokenName);
97          addParameter("token", token);
98          addParameter("tokenNameField", TokenHelper.TOKEN_NAME_FIELD);
99      }
100 
101     /***
102      * This will be removed in a future version of Struts.
103      * @deprecated Templates should use $parameters from now on, not $tag.
104      */
105     public String getTokenNameField() {
106         return TokenHelper.TOKEN_NAME_FIELD;
107     }
108 
109     private String buildToken(String name) {
110         Map context = stack.getContext();
111         Object myToken = context.get(name);
112 
113         if (myToken == null) {
114             myToken = TokenHelper.setToken(name);
115             context.put(name, myToken);
116         }
117 
118         return myToken.toString();
119     }
120 }