001: /*
002: * Copyright (c) 2002-2003 by OpenSymphony
003: * All rights reserved.
004: */
005: package com.opensymphony.webwork.components;
006:
007: import com.opensymphony.webwork.util.TokenHelper;
008: import com.opensymphony.xwork.util.OgnlValueStack;
009:
010: import javax.servlet.http.HttpServletRequest;
011: import javax.servlet.http.HttpServletResponse;
012: import java.util.Map;
013:
014: /**
015: * <!-- START SNIPPET: javadoc -->
016: * Stop double-submission of forms.</p>
017: *
018: * The token tag is used to help with the "double click" submission problem. It is needed if you are using the
019: * TokenInterceptor or the TokenSessionInterceptor. The ww:token tag merely places a hidden element that contains
020: * the unique token.</p>
021: * <!-- END SNIPPET: javadoc -->
022: *
023: * <p/> <b>Examples</b>
024: *
025: * <pre>
026: * <!-- START SNIPPET: example -->
027: * <ww:token />
028: * <!-- END SNIPPET: example -->
029: * </pre>
030: *
031: * @author Patrick Lightbody
032: * @author Rene Gielen
033: * @author Rainer Hermanns
034: * @version $Date: 2006-03-18 17:28:55 +0100 (Sat, 18 Mar 2006) $ $Id: Token.java 2468 2006-03-18 16:28:55Z rgielen $
035: * @since 2.2
036: *
037: * @see com.opensymphony.webwork.interceptor.TokenInterceptor
038: * @see com.opensymphony.webwork.interceptor.TokenSessionStoreInterceptor
039: *
040: * @ww.tag name="token" tld-body-content="JSP" tld-tag-class="com.opensymphony.webwork.views.jsp.ui.TokenTag"
041: * description="Stop double-submission of forms"
042: */
043: public class Token extends UIBean {
044:
045: public static final String TEMPLATE = "token";
046:
047: public Token(OgnlValueStack stack, HttpServletRequest request,
048: HttpServletResponse response) {
049: super (stack, request, response);
050: }
051:
052: protected String getDefaultTemplate() {
053: return TEMPLATE;
054: }
055:
056: /**
057: * First looks for the token in the PageContext using the supplied name (or {@link com.opensymphony.webwork.util.TokenHelper#DEFAULT_TOKEN_NAME}
058: * if no name is provided) so that the same token can be re-used for the scope of a request for the same name. If
059: * the token is not in the PageContext, a new Token is created and set into the Session and the PageContext with
060: * the name.
061: */
062: protected void evaluateExtraParams() {
063: super .evaluateExtraParams();
064:
065: String tokenName;
066: Map parameters = getParameters();
067:
068: if (parameters.containsKey("name")) {
069: tokenName = (String) parameters.get("name");
070: } else {
071: if (name == null) {
072: tokenName = TokenHelper.DEFAULT_TOKEN_NAME;
073: } else {
074: tokenName = findString(name);
075:
076: if (tokenName == null) {
077: tokenName = name;
078: }
079: }
080:
081: addParameter("name", tokenName);
082: }
083:
084: String token = buildToken(tokenName);
085: addParameter("token", token);
086: addParameter("tokenNameField", TokenHelper.TOKEN_NAME_FIELD);
087: }
088:
089: /**
090: * This will be removed in a future version of WebWork.
091: * @deprecated Templates should use $parameters from now on, not $tag.
092: */
093: public String getTokenNameField() {
094: return TokenHelper.TOKEN_NAME_FIELD;
095: }
096:
097: private String buildToken(String name) {
098: Map context = stack.getContext();
099: Object myToken = context.get(name);
100:
101: if (myToken == null) {
102: myToken = TokenHelper.setToken(name);
103: context.put(name, myToken);
104: }
105:
106: return myToken.toString();
107: }
108: }
|