I was recently ferretting around for different ways to handle XSRF protection in Struts 2.
(an explanation of this can be found here)
I was curious to see what other people are doing around this, but it seems that (as I expected) the general best practice still seems to be around unique token submission - which is fine.
At the same time. it dawned on me that I've not come across too much on how to do this with Struts 2.
But, fear not faithful readers, this blog entry here http://nickcoblentz.blogspot.com/2008/11/csrf-prevention-in-struts-2.html sums it up nicely.
Incidently, this guy also deals with several other Struts 2 topics in his blog, worth a look.
I value the blog post.Really looking forward to read more. Really Cool.
ReplyDeleteOTM online online training
SAS online online training
structs online online training