You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Yu Ye Zhou <yu...@yahoo.com> on 2002/07/19 21:47:45 UTC
servlet and cryptography?
I have a html login page. I use a servlet to query
my database to varify the login name and password
that's enter from the html. For security reason, I
want to encrype the user name and password. In the
servlet, I use method getParameter() to get the user
name and password. Should I encrype the password in
the html page?(change it to jsp) or should I encrype
immediatly after the call to getParameter()? Do any
one knows how the getParameter() method works when it
gets information accross the network.
Thanks.
Yu Ye Zhou
__________________________________________________
Do You Yahoo!?
Yahoo! Autos - Get free new car price quotes
http://autos.yahoo.com
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: servlet and cryptography?
Posted by Yu Ye Zhou <yu...@yahoo.com>.
Vernon, thanks for you info.
Yu
--- Vernon Wu <ve...@gatewaytech.com> wrote:
>
> Any advanced JSP book shall cover the Mode 2. I
> highly recommand "Advanced JavaServer Pages" by
> David Geary.
> You also can find out a lot of related inforamtion
> on-line by usind Google.
>
>
> 7/19/2002 1:02:54 PM, Yu Ye Zhou
> <yu...@yahoo.com> wrote:
>
> >Can you tell me the place I can go to learn more
> about
> >the Mode 2 or MVC? I didn't use it at all.
> >Thanks.
> >
> >
> >--- Vernon Wu <ve...@gatewaytech.com> wrote:
> >>
> >> I guess you don't use the Mode 2 or MVC in your
> >> project. To have a better structure/architecture
> of
> >> your Java Web
> >> Service application, you shall consider to employ
> >> the Mode 2 and all business logic shalln't take
> >> place on a JSP page.
> >> In other words, the pass word shalln't be
> encryped
> >> on a JSP page.
> >>
> >> BTW, I don't see any reason to encrype a user
> name.
> >>
> >>
> >> 7/19/2002 12:47:45 PM, Yu Ye Zhou
> >> <yu...@yahoo.com> wrote:
> >>
> >> > I have a html login page. I use a servlet to
> >> query
> >> >my database to varify the login name and
> password
> >> >that's enter from the html. For security reason,
> I
> >> >want to encrype the user name and password. In
> the
> >> >servlet, I use method getParameter() to get the
> >> user
> >> >name and password. Should I encrype the password
> in
> >> >the html page?(change it to jsp) or should I
> >> encrype
> >> >immediatly after the call to getParameter()? Do
> any
> >> >one knows how the getParameter() method works
> when
> >> it
> >> >gets information accross the network.
> >> >
> >> >Thanks.
> >> >
> >> >Yu Ye Zhou
> >> >
> >>
> >__________________________________________________
> >> >Do You Yahoo!?
> >> >Yahoo! Autos - Get free new car price quotes
> >> >http://autos.yahoo.com
> >> >
> >> >--
> >> >To unsubscribe, e-mail:
> >>
> <ma...@jakarta.apache.org>
> >> >For additional commands, e-mail:
> >> <ma...@jakarta.apache.org>
> >> >
> >> >
> >>
> >>
> >>
> >>
> >> --
> >> To unsubscribe, e-mail:
> >>
> <ma...@jakarta.apache.org>
> >> For additional commands, e-mail:
> >> <ma...@jakarta.apache.org>
> >>
> >
> >
> >__________________________________________________
> >Do You Yahoo!?
> >Yahoo! Autos - Get free new car price quotes
> >http://autos.yahoo.com
> >
> >--
> >To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> >For additional commands, e-mail:
> <ma...@jakarta.apache.org>
> >
> >
>
>
>
>
> --
> To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> For additional commands, e-mail:
> <ma...@jakarta.apache.org>
>
__________________________________________________
Do You Yahoo!?
Yahoo! Autos - Get free new car price quotes
http://autos.yahoo.com
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: servlet and cryptography?
Posted by Vernon Wu <ve...@gatewaytech.com>.
Any advanced JSP book shall cover the Mode 2. I highly recommand "Advanced JavaServer Pages" by David Geary.
You also can find out a lot of related inforamtion on-line by usind Google.
7/19/2002 1:02:54 PM, Yu Ye Zhou <yu...@yahoo.com> wrote:
>Can you tell me the place I can go to learn more about
>the Mode 2 or MVC? I didn't use it at all.
>Thanks.
>
>
>--- Vernon Wu <ve...@gatewaytech.com> wrote:
>>
>> I guess you don't use the Mode 2 or MVC in your
>> project. To have a better structure/architecture of
>> your Java Web
>> Service application, you shall consider to employ
>> the Mode 2 and all business logic shalln't take
>> place on a JSP page.
>> In other words, the pass word shalln't be encryped
>> on a JSP page.
>>
>> BTW, I don't see any reason to encrype a user name.
>>
>>
>> 7/19/2002 12:47:45 PM, Yu Ye Zhou
>> <yu...@yahoo.com> wrote:
>>
>> > I have a html login page. I use a servlet to
>> query
>> >my database to varify the login name and password
>> >that's enter from the html. For security reason, I
>> >want to encrype the user name and password. In the
>> >servlet, I use method getParameter() to get the
>> user
>> >name and password. Should I encrype the password in
>> >the html page?(change it to jsp) or should I
>> encrype
>> >immediatly after the call to getParameter()? Do any
>> >one knows how the getParameter() method works when
>> it
>> >gets information accross the network.
>> >
>> >Thanks.
>> >
>> >Yu Ye Zhou
>> >
>> >__________________________________________________
>> >Do You Yahoo!?
>> >Yahoo! Autos - Get free new car price quotes
>> >http://autos.yahoo.com
>> >
>> >--
>> >To unsubscribe, e-mail:
>> <ma...@jakarta.apache.org>
>> >For additional commands, e-mail:
>> <ma...@jakarta.apache.org>
>> >
>> >
>>
>>
>>
>>
>> --
>> To unsubscribe, e-mail:
>> <ma...@jakarta.apache.org>
>> For additional commands, e-mail:
>> <ma...@jakarta.apache.org>
>>
>
>
>__________________________________________________
>Do You Yahoo!?
>Yahoo! Autos - Get free new car price quotes
>http://autos.yahoo.com
>
>--
>To unsubscribe, e-mail: <ma...@jakarta.apache.org>
>For additional commands, e-mail: <ma...@jakarta.apache.org>
>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: servlet and cryptography?
Posted by Yu Ye Zhou <yu...@yahoo.com>.
Can you tell me the place I can go to learn more about
the Mode 2 or MVC? I didn't use it at all.
Thanks.
--- Vernon Wu <ve...@gatewaytech.com> wrote:
>
> I guess you don't use the Mode 2 or MVC in your
> project. To have a better structure/architecture of
> your Java Web
> Service application, you shall consider to employ
> the Mode 2 and all business logic shalln't take
> place on a JSP page.
> In other words, the pass word shalln't be encryped
> on a JSP page.
>
> BTW, I don't see any reason to encrype a user name.
>
>
> 7/19/2002 12:47:45 PM, Yu Ye Zhou
> <yu...@yahoo.com> wrote:
>
> > I have a html login page. I use a servlet to
> query
> >my database to varify the login name and password
> >that's enter from the html. For security reason, I
> >want to encrype the user name and password. In the
> >servlet, I use method getParameter() to get the
> user
> >name and password. Should I encrype the password in
> >the html page?(change it to jsp) or should I
> encrype
> >immediatly after the call to getParameter()? Do any
> >one knows how the getParameter() method works when
> it
> >gets information accross the network.
> >
> >Thanks.
> >
> >Yu Ye Zhou
> >
> >__________________________________________________
> >Do You Yahoo!?
> >Yahoo! Autos - Get free new car price quotes
> >http://autos.yahoo.com
> >
> >--
> >To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> >For additional commands, e-mail:
> <ma...@jakarta.apache.org>
> >
> >
>
>
>
>
> --
> To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> For additional commands, e-mail:
> <ma...@jakarta.apache.org>
>
__________________________________________________
Do You Yahoo!?
Yahoo! Autos - Get free new car price quotes
http://autos.yahoo.com
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: servlet and cryptography?
Posted by Vernon Wu <ve...@gatewaytech.com>.
I guess you don't use the Mode 2 or MVC in your project. To have a better structure/architecture of your Java Web
Service application, you shall consider to employ the Mode 2 and all business logic shalln't take place on a JSP page.
In other words, the pass word shalln't be encryped on a JSP page.
BTW, I don't see any reason to encrype a user name.
7/19/2002 12:47:45 PM, Yu Ye Zhou <yu...@yahoo.com> wrote:
> I have a html login page. I use a servlet to query
>my database to varify the login name and password
>that's enter from the html. For security reason, I
>want to encrype the user name and password. In the
>servlet, I use method getParameter() to get the user
>name and password. Should I encrype the password in
>the html page?(change it to jsp) or should I encrype
>immediatly after the call to getParameter()? Do any
>one knows how the getParameter() method works when it
>gets information accross the network.
>
>Thanks.
>
>Yu Ye Zhou
>
>__________________________________________________
>Do You Yahoo!?
>Yahoo! Autos - Get free new car price quotes
>http://autos.yahoo.com
>
>--
>To unsubscribe, e-mail: <ma...@jakarta.apache.org>
>For additional commands, e-mail: <ma...@jakarta.apache.org>
>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>