List of usage examples for com.google.gwt.user.client.rpc XsrfToken getToken
public String getToken()
From source file:de.itsvs.cwtrpc.controller.token.DefaultXsrfTokenService.java
License:Apache License
public void validateToken(HttpServletRequest servletRequest, RPCRequest rpcRequest) throws RpcTokenException { final RpcToken token; final XsrfToken xsrfToken; final XsrfToken expectedXsrfToken; Assert.notNull(servletRequest, "'servletRequest' must not be null"); Assert.notNull(rpcRequest, "'rpcRequest' must not be null"); token = rpcRequest.getRpcToken();/*from w w w . j av a2 s . com*/ if (token == null) { throw new RpcTokenException("Request does not contain required XSRF token"); } if (!(token instanceof XsrfToken)) { throw new RpcTokenException( "RPC token is not required XSRF token [" + token.getClass().getName() + "]"); } xsrfToken = (XsrfToken) token; expectedXsrfToken = generateToken(servletRequest); if (log.isDebugEnabled()) { log.debug("Validating received token '" + xsrfToken.getToken() + "' against expected token '" + expectedXsrfToken.getToken() + "'"); } if (!expectedXsrfToken.getToken().equals(xsrfToken.getToken())) { throw new RpcTokenException("Received XSRF token does not match expected token"); } }