關于TokenProcessor令牌校驗工具類廢話不多說了,直接給大家貼代碼了,一切內容就在下面一段代碼中,具體代碼詳情如下所示:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
|
public class TokenProcessor { private long privious;// 上次生成表單標識號得時間值 private static TokenProcessor instance = new TokenProcessor(); public static String FORM_TOKEN_KEY = "FORM_TOKEN_KEY"; private TokenProcessor() { } public static TokenProcessor getInstance() { return instance; } /** * 驗證請求中得標識號是否有效,如果請求中的表單標識與當前用戶session中的相同,返回結果true= */ public synchronized boolean isTokenValid(HttpServletRequest request) { // 為避免session對象不存在時候創建Session對象 HttpSession session = request.getSession(false); if (session == null) { return false; } String saved = (String) session.getAttribute(FORM_TOKEN_KEY); if (saved == null) { return false; } String token = (String) request.getParameter(FORM_TOKEN_KEY); if (token == null) { return false; } return saved.equals(token); } /** * 驗證請求中得標識號是否有效,如果請求中的表單標識與當前用戶session中的相同,返回結果true= */ public synchronized boolean isTokenValid(HttpServletRequest request,String token) { // 未避免session對象不存在時候創建Session對象 HttpSession session = request.getSession(false); if (session == null) { return false; } String saved = (String) session.getAttribute(FORM_TOKEN_KEY); if (saved == null) { return false; } if (token == null) { return false; } return saved.equals(token); } /** * 清除存儲在當前用戶session中的表單標識號 */ public synchronized void reset(HttpServletRequest request) { HttpSession session = request.getSession(false); if (session == null) { return; } session.removeAttribute(FORM_TOKEN_KEY); } /** * 產生表單標識號并將之保存在當前用戶得session中 */ public synchronized void saveToken(HttpServletRequest request) { HttpSession session = request.getSession(); try { byte id[] = session.getId().getBytes(); long current = System.currentTimeMillis(); if (current == privious) { current++; } privious = current; byte now[] = String.valueOf(current).getBytes(); MessageDigest md = MessageDigest.getInstance("MD5"); md.update(id); md.update(now); String token = toHex(md.digest()); session.setAttribute(FORM_TOKEN_KEY, token); } catch (NoSuchAlgorithmException e) { } } /** * 將一個字節數轉換成十六進制得字符串 */ public String toHex(byte buffer[]) { StringBuffer sb = new StringBuffer(buffer.length * 2); for (int i = 0; i < buffer.length; i++) { sb.append(Character.forDigit((buffer[i] & 0x60) >> 4, 16)); sb.append(Character.forDigit(buffer[i] & 0x0f, 16)); } return sb.toString(); }} |
以上所述是小編給大家介紹的Java TokenProcessor令牌校驗工具類,希望對大家有所幫助,如果大家有任何疑問請給我留言,小編會及時回復大家的。在此也非常感謝大家對服務器之家網站的支持!
原文鏈接:http://blog.csdn.net/m0_37106742/article/details/60957008
