Author: germuska
Date: Fri Feb  4 17:01:07 2005
New Revision: 151453

URL: http://svn.apache.org/viewcvs?view=rev&rev=151453
Log:
expose an alternate token generation method which takes a String, to help 
extract ourselves from direct dependencies on the Servlet API.
Change the existing generateToken(HttpServletRequest) method to simply pass the 
session ID in as a token ID.

Modified:
    struts/core/trunk/src/share/org/apache/struts/util/TokenProcessor.java

Modified: struts/core/trunk/src/share/org/apache/struts/util/TokenProcessor.java
URL: 
http://svn.apache.org/viewcvs/struts/core/trunk/src/share/org/apache/struts/util/TokenProcessor.java?view=diff&r1=151452&r2=151453
==============================================================================
--- struts/core/trunk/src/share/org/apache/struts/util/TokenProcessor.java 
(original)
+++ struts/core/trunk/src/share/org/apache/struts/util/TokenProcessor.java Fri 
Feb  4 17:01:07 2005
@@ -167,8 +167,20 @@
     public synchronized String generateToken(HttpServletRequest request) {
 
         HttpSession session = request.getSession();
+        return generateToken(session.getId());
+
+    }
+
+    /**
+     * Generate a new transaction token, to be used for enforcing a single
+     * request for a particular transaction.
+     * 
+     * @param id a unique Identifier for the session or other context in
+     * which this token is to be used.
+     */
+    public synchronized String generateToken(String id) {
+
         try {
-            byte id[] = session.getId().getBytes();
             long current = System.currentTimeMillis();
             if (current == previous) {
                 current++;
@@ -176,7 +188,7 @@
             previous = current;
             byte now[] = new Long(current).toString().getBytes();
             MessageDigest md = MessageDigest.getInstance("MD5");
-            md.update(id);
+            md.update(id.getBytes());
             md.update(now);
             return toHex(md.digest());
         } catch (NoSuchAlgorithmException e) {



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to