org.apache.struts2.interceptor
类 TokenInterceptor

java.lang.Object
  com.opensymphony.xwork2.interceptor.AbstractInterceptor
      com.opensymphony.xwork2.interceptor.MethodFilterInterceptor
          org.apache.struts2.interceptor.TokenInterceptor

所有已实现的接口：

com.opensymphony.xwork2.interceptor.Interceptor, Serializable

直接已知子类：

TokenSessionStoreInterceptor

public class TokenInterceptor
extends com.opensymphony.xwork2.interceptor.MethodFilterInterceptor

Ensures that only one request per token is processed. This interceptor can make sure that back buttons and double clicks don't cause un-intended side affects. For example, you can use this to prevent careless users who might double click on a "checkout" button at an online store. This interceptor uses a fairly primitive technique for when an invalid token is found: it returns the result invalid.token, which can be mapped in your action configuration. A more complex implementation, TokenSessionStoreInterceptor, can provide much better logic for when invalid tokens are found.

Note: To set a token in your form, you should use the token tag. This tag is required and must be used in the forms that submit to actions protected by this interceptor. Any request that does not provide a token (using the token tag) will be processed as a request with an invalid token.

Internationalization Note: The following key could be used to internationalized the action errors generated by this token interceptor

• struts.messages.invalid.token

NOTE: As this method extends off MethodFilterInterceptor, it is capable of deciding if it is applicable only to selective methods in the action class. See MethodFilterInterceptor for more info.

Interceptor parameters:

• None

Extending the interceptor:

While not very common for users to extend, this interceptor is extended by the TokenSessionStoreInterceptor. The handleInvalidToken(com.opensymphony.xwork2.ActionInvocation) and handleValidToken(com.opensymphony.xwork2.ActionInvocation) methods are protected and available for more interesting logic, such as done with the token session interceptor.

Example code:

 

 <action name="someAction" class="com.examples.SomeAction">
     <interceptor-ref name="token"/>
     <interceptor-ref name="basicStack"/>
     <result name="success">good_result.ftl</result>
 </action>

 <-- In this case, myMethod of the action class will not
        get checked for invalidity of token -->
 <action name="someAction" class="com.examples.SomeAction">
     <interceptor-ref name="token">
        <param name="excludeMethods">myMethod</param>
     </interceptor-ref name="token"/>
     <interceptor-ref name="basicStack"/>
     <result name="success">good_result.ftl</result>
 </action>

 
 

另请参见：

TokenSessionStoreInterceptor, TokenHelper, 序列化表格

字段摘要

static String

INVALID_TOKEN_CODE

构造方法摘要

TokenInterceptor()

方法摘要

void	setTextProvider(com.opensymphony.xwork2.TextProvider textProvider)

从类 com.opensymphony.xwork2.interceptor.MethodFilterInterceptor 继承的方法

getExcludeMethodsSet, getIncludeMethodsSet, intercept, setExcludeMethods, setIncludeMethods

从类 com.opensymphony.xwork2.interceptor.AbstractInterceptor 继承的方法

destroy, init

从类 java.lang.Object 继承的方法

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

字段详细信息

INVALID_TOKEN_CODE

public static final String INVALID_TOKEN_CODE

另请参见：

常量字段值

构造方法详细信息

TokenInterceptor

public TokenInterceptor()

方法详细信息

setTextProvider

public void setTextProvider(com.opensymphony.xwork2.TextProvider textProvider)