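--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/java/nekurak.net-web/src/java/cz/frantovo/nekurak/posluchac/OchranaProtiCSRF.java Sat Jan 15 18:14:15 2011 +0100
@@ -0,0 +1,23 @@
+package cz.frantovo.nekurak.posluchac;
+
+import javax.servlet.http.HttpSessionEvent;
+import javax.servlet.http.HttpSessionListener;
+
+/**
+ *
+ * @author fiki
+ */
+public class OchranaProtiCSRF implements HttpSessionListener {
+
+ public static final String NAZEV_ATRIBUTU = "CSRF_TOKEN";
+
+ @Override
+ public void sessionCreated(HttpSessionEvent se) {
+ String csrfToken = String.valueOf(Math.random());
+ se.getSession().setAttribute(NAZEV_ATRIBUTU, csrfToken);
+ }
+
+ @Override
+ public void sessionDestroyed(HttpSessionEvent se) {
+ }
+}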
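Review bot: The CSRF token in `sessionCreated` comes from `Math.random()`, which is backed by the non-cryptographic `java.util.Random` and gives predictable output, so the token is not a reliable secret. Generate it from a shared `SecureRandom` instead: add a field `private static final SecureRandom GENERATOR = new SecureRandom();` and replace the assignment with `String csrfToken = new BigInteger(128, GENERATOR).toString(32);`, importing `java.security.SecureRandom` and `java.math.BigInteger`. The class Javadoc is empty; it should state that the listener stores one per-session token under `NAZEV_ATRIBUTU` and name the component expected to verify it. The verification code is not part of this change, so whether every state-changing request actually checks the token cannot be confirmed from here.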