1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16 package org.seasar.cubby.tags;
17
18 import static org.seasar.cubby.tags.TagUtils.toAttr;
19
20 import java.io.IOException;
21
22 import javax.servlet.http.HttpServletRequest;
23 import javax.servlet.http.HttpSession;
24 import javax.servlet.jsp.JspException;
25 import javax.servlet.jsp.JspWriter;
26 import javax.servlet.jsp.PageContext;
27
28 import org.seasar.cubby.controller.ThreadContext;
29 import org.seasar.cubby.util.TokenHelper;
30 import org.seasar.cubby.validator.validators.TokenValidator;
31 import org.seasar.framework.message.MessageFormatter;
32 import org.seasar.framework.util.StringUtil;
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47 public class TokenTag extends DynamicAttributesTagSupport {
48
49 private String name;
50
51
52
53
54
55
56
57 public void setName(final String name) {
58 this.name = name;
59 }
60
61
62
63
64 @Override
65 public void doTag() throws JspException, IOException {
66 final PageContext context = (PageContext) getJspContext();
67 final JspWriter out = context.getOut();
68
69 final String token = TokenHelper.generateGUID();
70 out.append("<input type=\"hidden\" name=\"");
71 if (StringUtil.isEmpty(name)) {
72 out.append(TokenHelper.DEFAULT_TOKEN_NAME);
73 } else {
74 out.append(name);
75 }
76 out.append("\" value=\"");
77 out.append(token);
78 out.append("\" ");
79 out.write(toAttr(getDynamicAttribute()));
80 out.append("/>");
81 final HttpServletRequest request = ThreadContext.getRequest();
82 if (request == null) {
83 throw new IllegalStateException(MessageFormatter.getMessage("ECUB0401", null));
84 }
85 final HttpSession session = request.getSession();
86 TokenHelper.setToken(session, token);
87 }
88 }