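Using JSP to prevent duplicate form submissions
In many application systems, users submitting the same data more than once is a serious problem that leaves a lot of junk data in the application. The Struts framework has a TOKEN mechanism to stop users from submitting duplicate data, and it is a good approach, but the TOKEN mechanism requires the html:form tag. I do not like using that tag and find it a burden, so I dropped the html:form tag and redefined the TOKEN mechanism as follows:
1. Create a new class, TokenProcessor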
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

public class TokenProcessor {
    private long privious; // time value at which the form token was last generated
    private static TokenProcessor instance = new TokenProcessor();
    public static String FORM_TOKEN_KEY = "FORM_TOKEN_KEY";

    private TokenProcessor() {
    }

    public static TokenProcessor getInstance() {
        return instance;
    }

    /**
     * Checks whether the token in the request is valid. If the form token in
     * the request matches the one in the current user's session, returns true.
     */
    public synchronized boolean isTokenValid(HttpServletRequest request) {
        // getSession(false) avoids creating a session object when none exists
        HttpSession session = request.getSession(false);
        if (session == null) { return false; }
        String saved = (String) session.getAttribute(FORM_TOKEN_KEY);
        if (saved == null) {
            return false;
        }
        St