令牌拦截器如何在 Struts 2 中工作
Struts2 提供令牌拦截器以确保每个令牌只处理一个请求,但是,我不明白它是如何工作的,如果用户发送一个请求两次会发生什么?用户是否获得无效令牌或获得第一个请求的响应?这个拦截器背后的逻辑是什么?
Struts2 provide Token Interceptor for ensures that only one request per token is processed, But, I don't understand how it works, if a user send the one request twice what happens? Does the user get an invalid token or get response of the first request? What is a logic behind this interceptor?
推荐答案
token 拦截器在发现无效令牌时返回结果invalid.token.逻辑很简单:它使用会话保存每个请求的有效令牌,并在拦截时通过比较发送的和来自会话的另一个来检查它.
The token interceptor returns the result invalid.token when an invalid token is found. The logic is simple: it uses a session to save a valid token per request and when intercept it checks it by comparing one that sent and other that is from session.