本文主要内容是使用token防重放的代码实现。
1. Token类
package com.bean;
public class Token {
public static final String DEFAULT_TOKEN_NAME = "token";
private final String tokenName;
private final String tokenValue;
public Token(String tokenName,String tokenValue){
this.tokenName = tokenName;
this.tokenValue = tokenValue;
}
public String getTokenName() {
return tokenName;
}
public String getTokenValue() {
return tokenValue;
}
}
2. TokenManager
package com.util;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
import com.bean.Token;
public class TokenManager {
public static final String SESSION_TOKEN_KEY = "$SESSIONTOKEN";
public static String generateToken(){
return UUID.randomUUID().toString();