X-CSRF-Token logic implementation for Java application

former_member398316
Discoverer
0 Kudos
3,336

Hello,

We have developed common utilities functionality in a Java application that has a few RESTful web services, and we are now planning to implement X-CSRF-Token to make its REST web services more secure.

I found some information at

https://help.sap.com/viewer/65de2977205c403bbc107264b8eccf4b/Cloud/en-US/3756f3fc7b4342d39db1bbe57d1...

but somehow the instructions given in this link are not working.

Could you please provide a Java example to generate a CSRF token and to consume it from a UI5 application?

Thanks.

former_member398316
Discoverer
0 Kudos

Hello Richard,

Thank you for your quick response.

Could you please provide a Java example to generate a CSRF token and to consume it from a UI5 application?

Best regards,

Ashutosh Bharambe

richard-zhao
Product and Topic Expert
0 Kudos

Hello, Ashutosh. I would like to show you a simple example of how Java generates a token. Actually, tokens are created based on your business requirement.

    import java.nio.charset.StandardCharsets;
    import java.security.MessageDigest;
    import java.util.HashMap;
    import java.util.Map;

    public class TokenUtil {
        // Static string mixed into every token before hashing
        private static final String YAN = "testMRf1$789787aadfjkds//*-+'[]jfeu;384785*^*&%^%$%";

        // Most recently issued token per id
        private static final Map<Integer, Token> tokenMap = new HashMap<Integer, Token>();

        // Token value together with its creation time
        public static class Token {
            private final String value;
            private final long createdAt;

            public Token(String value, long createdAt) {
                this.value = value;
                this.createdAt = createdAt;
            }

            public String getValue() { return value; }

            public long getCreatedAt() { return createdAt; }

            @Override
            public String toString() { return value; }
        }

        public static void main(String[] args) {
            System.out.println(generateToken("s", 1));
        }

        // Token = MD5(current time + YAN + uniq + id), remembered under the given id
        public static Token generateToken(String uniq, int id) {
            long now = System.currentTimeMillis();
            Token token = new Token(MD5(now + YAN + uniq + id), now);
            synchronized (tokenMap) {
                tokenMap.put(id, token);
            }
            return token;
        }

        // Returns the MD5 digest of s as a lowercase hex string, or null on failure
        public static final String MD5(String s) {
            try {
                byte[] btInput = s.getBytes(StandardCharsets.UTF_8);
                MessageDigest mdInst = MessageDigest.getInstance("MD5");
                mdInst.update(btInput);
                return byte2hex(mdInst.digest());
            } catch (Exception e) {
                e.printStackTrace();
                return null;
            }
        }

        // Converts each byte to two hex digits
        private static String byte2hex(byte[] b) {
            StringBuilder sbDes = new StringBuilder();
            for (int i = 0; i < b.length; i++) {
                String tmp = Integer.toHexString(b[i] & 0xFF);
                if (tmp.length() == 1) {
                    sbDes.append("0");
                }
                sbDes.append(tmp);
            }
            return sbDes.toString();
        }
    }

After the token is created, all you have to do is provide a RESTful web service so that the frontend is able to get this token using JavaScript and store the token in the browser's localStorage or sessionStorage. Thanks.
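
An added example, not part of the answer above and not SAP code: because an MD5 digest of the current time plus a fixed string can be recomputed by anyone who learns that string, this variant draws the token from `SecureRandom`, binds it to a server-side session id, expires it, and compares the `X-CSRF-Token` header value in constant time. The class name `CsrfTokenStore`, the methods `issue` and `isValid`, the 30-minute lifetime and the session ids are assumptions made for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

// Added example: CsrfTokenStore, issue() and isValid() are hypothetical names.
public class CsrfTokenStore {
    private static final SecureRandom RNG = new SecureRandom();
    private static final long TTL_MILLIS = 30 * 60 * 1000L; // assumed 30-minute lifetime

    private static final class Entry {
        final byte[] value;
        final long createdAt;
        Entry(byte[] value, long createdAt) { this.value = value; this.createdAt = createdAt; }
    }

    // One live token per server-side session id
    private final Map<String, Entry> tokens = new ConcurrentHashMap<>();

    // Issue a fresh 256-bit random token for the session and remember it server-side.
    public String issue(String sessionId, long now) {
        byte[] raw = new byte[32];
        RNG.nextBytes(raw);
        String token = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        tokens.put(sessionId, new Entry(token.getBytes(StandardCharsets.US_ASCII), now));
        return token;
    }

    // Check the X-CSRF-Token header value that arrived with a state-changing request.
    public boolean isValid(String sessionId, String headerValue, long now) {
        Entry e = tokens.get(sessionId);
        if (e == null || headerValue == null) return false;
        if (now - e.createdAt > TTL_MILLIS) { tokens.remove(sessionId); return false; }
        // Constant-time comparison: timing does not reveal how many bytes matched
        return MessageDigest.isEqual(e.value, headerValue.getBytes(StandardCharsets.US_ASCII));
    }

    public static void main(String[] args) {
        CsrfTokenStore store = new CsrfTokenStore();
        long t0 = System.currentTimeMillis();
        String token = store.issue("session-A", t0); // constructed session id
        System.out.println("own token:     " + store.isValid("session-A", token, t0 + 1000));
        System.out.println("forged token:  " + store.isValid("session-A", "forged", t0 + 1000));
        System.out.println("other session: " + store.isValid("session-B", token, t0 + 1000));
        System.out.println("after expiry:  " + store.isValid("session-A", token, t0 + TTL_MILLIS + 1));
    }
}
```

In a REST service, `issue` would back the endpoint the UI5 client calls to fetch the token, and `isValid` would run in a filter in front of every POST, PUT, PATCH and DELETE handler.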