List of usage examples for com.google.gwt.user.client.rpc RpcTokenException RpcTokenException
public RpcTokenException(String msg)
From source file:de.itsvs.cwtrpc.controller.token.DefaultXsrfTokenService.java
License:Apache License
public XsrfToken generateToken(HttpServletRequest request) throws RpcTokenException { final byte[] sessionCookieBytes; final String token; Assert.notNull(request, "'request' must not be null"); sessionCookieBytes = getCookieBytes(request, getSessionCookieName()); if ((sessionCookieBytes == null) || (sessionCookieBytes.length == 0)) { throw new RpcTokenException( "Request does not contain required valid session cookie " + getSessionCookieName()); }// w ww . j a v a 2 s.co m token = getMd5HexString(sessionCookieBytes); if (log.isDebugEnabled()) { log.debug("Generated token '" + token + "'"); } return new XsrfToken(token); }
From source file:de.itsvs.cwtrpc.controller.token.DefaultXsrfTokenService.java
License:Apache License
public void validateToken(HttpServletRequest servletRequest, RPCRequest rpcRequest) throws RpcTokenException { final RpcToken token; final XsrfToken xsrfToken; final XsrfToken expectedXsrfToken; Assert.notNull(servletRequest, "'servletRequest' must not be null"); Assert.notNull(rpcRequest, "'rpcRequest' must not be null"); token = rpcRequest.getRpcToken();/*from w w w . ja va 2 s . co m*/ if (token == null) { throw new RpcTokenException("Request does not contain required XSRF token"); } if (!(token instanceof XsrfToken)) { throw new RpcTokenException( "RPC token is not required XSRF token [" + token.getClass().getName() + "]"); } xsrfToken = (XsrfToken) token; expectedXsrfToken = generateToken(servletRequest); if (log.isDebugEnabled()) { log.debug("Validating received token '" + xsrfToken.getToken() + "' against expected token '" + expectedXsrfToken.getToken() + "'"); } if (!expectedXsrfToken.getToken().equals(xsrfToken.getToken())) { throw new RpcTokenException("Received XSRF token does not match expected token"); } }