2011/8/8 Nadav Katz :
\>
> I have a filter in place for validating CSRF tokens. I only wish to validate
> requests coming from the client, so no validation for dynamic includes or
> forwards. My web.xml for the filter looks like this:
>
>
> CSRFFilter
> *.jsp
> SomeServle
Hello,
I have a filter in place for validating CSRF tokens. I only wish to validate
requests coming from the client, so no validation for dynamic includes or
forwards. My web.xml for the filter looks like this:
CSRFFilter
*.jsp
SomeServlet
Servlet spec 2.4+ states u
Hi Chema
I take your point. But this is a problem solved by JSR168/286 portal
implementations. Perhaps you could use a portal for your purposes? Otherwise
I would suggest taking a look at Apache Jetspeed or Liferay source code to
see how they implement cross-war session sharing. Both portals c
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mohit,
On 8/6/2011 9:41 PM, Mohit Anchlia wrote:
> thanks for your input. Is it ok to make Http Calls and wait for
> response inside of Valve or Filter?
Sure. You can do whatever you'd like.
> Are there any problems that might arise because of this
