|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.silverpeas.token.synchronizer.SynchronizerToken
@TokenGenerator(value=SynchronizerTokenGenerator.class) public class SynchronizerToken
A synchronizer token is for protecting a user session or a Web resource. The token is used to check the requester is valid (and therefore can be trusted). Such tokens are usually generated from some information about the user or the protected resource so the token validity can also be checked with these data. The aim of the synchronizer token is to be carried within each request emitted by a client in order to be compared with the token that is expected at this point or from this client. If the tokens don't match, then a possible CSRF attack (Cross-Site Request Forgery) is suspected and then the request is rejected and the client isn't more trusted.
Field Summary | |
---|---|
static SynchronizerToken |
NoneToken
Represents none token to replace in more typing way the null keyword. |
Constructor Summary | |
---|---|
protected |
SynchronizerToken(String value)
Constructs a new synchronizer token with the specified value. |
protected |
SynchronizerToken(String value,
List<String> parameters)
Constructs a new synchronizer token with the specified value and with the specified parameters used in for its generation. |
Method Summary | |
---|---|
List<String> |
getGenerationParameters()
Gets the parameters that were used in the generation of this token. |
String |
getValue()
Gets the String representation of this token. |
boolean |
isDefined()
Is this token defined? |
protected void |
setValue(String newValue)
Sets a new value to this token. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final SynchronizerToken NoneToken
Constructor Detail |
---|
protected SynchronizerToken(String value)
value
- the value of the token.protected SynchronizerToken(String value, List<String> parameters)
value
- the value of the token.parameters
- the parameters used in its generation.Method Detail |
---|
protected void setValue(String newValue)
newValue
- the new token value.public String getValue()
Token
getValue
in interface Token
public boolean isDefined()
Token
isDefined
in interface Token
public List<String> getGenerationParameters()
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |