Hi,
Thanks for all the help. Looks like I was able to find
org.apache.catalina.filters.CSRF_NONCE. I was so happy I could have cried.
It was part of an HttpSession object that had an attribute of
org.apache.catalina.filters.CSRF_NONCE. Not sure why I couldn't find it before
but perhaps I was either checking the wrong HttpSession Object before or
checking it at the wrong time or something.
So now onto my next issue, I tried to so the following:
String nonce =
(String)session.getAttribute("org.apache.catalina.filters.CSRF_NONCE");
However the exception I received back was the following:
java.lang.ClassCastException:
org.apache.catalina.filters.CsrfPreventionFilter$LruCache cannot be cast to
java.lang.String
Ok, now I know that the org.apache.catalina.filters.CSRF_NONCE is not a String
but something else. In the API description for
org.apache.catalina.filters.CsrfPreventionFilter.LruCache<T> there is only two
methods: add and contains. Neither of which would help me access the value of
this CSRF_NONCE.
And maybe I'm going about this all wrong, and how this works, but what I was
thinking about doing was to grab what I had presumed to be a value from the
Attribute org.apache.catalina.filters.CSRF_NONCE and ensure that value gets
propagated so that when the XSLT does it's transformation it will be there
included with the link (we don't use JSP).
I am going about this correctly right? If so is there a value from
org.apache.catalina.filters.CSRF_NONCE that I should be able to extract? Like
the actual nonce value?
Cheers,
Matt
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
