com.google.gwt.user.server.rpc

Class XsrfProtectedServiceServlet

java.lang.Object

com.google.gwt.user.server.rpc.XsrfProtectedServiceServlet

public static class XsrfProtectedServiceServlet
extends Object

EXPERIMENTAL and subject to change. Do not use this in production code.

The servlet base class for RPC service implementations using default XSRF protection tied to authentication session cookie.

XSRF token validation is performed by generating MD5 hash of the session cookie and comparing supplied XsrfToken with the generated hash. Session cookie name is specified by the "gwt.xsrf.session_cookie_name" context parameter in web.xml.

XsrfTokenService can be used by clients to obtain XsrfTokens that will pass validation performed by this class.

See Also:

XsrfTokenServiceServlet, AbstractXsrfProtectedServiceServlet, Serialized Form

Method Summary

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, toString