net.sf.regain.search
Class NoncesManager
java.lang.Object
net.sf.regain.search.NoncesManager
public class NoncesManager
- extends Object
Create an check nonces for web requests
- Author:
- Benjamin Pick
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
NONCE_TIMEOUT_SEC
public static final int NONCE_TIMEOUT_SEC
- See Also:
- Constant Field Values
NONCE_STORE_CONTEXTATTRIBUTE_NAME
private static final String NONCE_STORE_CONTEXTATTRIBUTE_NAME
- See Also:
- Constant Field Values
now
private long now
salt
private String salt
mRequest
private PageRequest mRequest
NoncesManager
public NoncesManager()
generateNonce
public String generateNonce(String action,
String timestamp)
- Create a nonce for usage in a form
- Parameters:
action - action-specific constanttimestamp - timestamp to use
- Returns:
- Hash-Value
checkNonce
public boolean checkNonce(String nonce,
String action,
String timestamp)
- Check if the nonce is correct.
- Parameters:
nonce - Nonce from requestaction - Action specific to this requesttimestamp - Timestamp that was used to create this nonce
- Returns:
markNonceUsed
private void markNonceUsed(String nonce)
isNonceUsed
private boolean isNonceUsed(String nonce)
checkNonce
public boolean checkNonce(PageRequest request,
String action)
- Check if the nonce of this request is correct.
- Parameters:
request - Request - in order to get the nonce and the nonceStoreaction - action-specific constant
- Returns:
- FALSE if not valid.
loadNonceStore
private void loadNonceStore(PageRequest request)
generateHTML
public String generateHTML(PageRequest request,
String action)
- Create a hidden input for usage in a form,
that contains a newly generated nonce.
- Parameters:
request - action -
- Returns:
Regain 2.1.0-STABLE, Copyright (C) 2004-2010 Til Schneider, www.murfman.de, Thomas Tesche, www.clustersystems.info