aspose file tools*
The moose likes XML and Related Technologies and the fly likes Encryption in XML Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » XML and Related Technologies
Bookmark "Encryption in XML" Watch "Encryption in XML" New topic
Author

Encryption in XML

dr priti
Greenhorn

Joined: Mar 05, 2001
Posts: 18
Hi,
I am using a XML file for login name and password validation. I want to encrypt it, so that no body should be able to see the password fields. I want to use JSP. Please help me in detail.

William Brogden
Author and all-around good cowpoke
Rancher

Joined: Mar 22, 2000
Posts: 12823
    
    5
Java has some nice encryption and digital signature classes.
Look in the java.security package
I suppose you could apply the MD5 message digest algorithm to the supplied password and store that. I was fiddling with this recently.
static String md5sum(byte[] intext){
StringBuffer sb = new StringBuffer();
try {
// get Instance from Java Security Classes
MessageDigest md5 = MessageDigest.getInstance("MD5");
byte[] md5rslt = md5.digest( intext );
for( int i = 0 ; i < md5rslt.length ; i++ ){
sb.append(Integer.toHexString( (0xff & md5rslt[i])));
}
} catch(NoSuchAlgorithmException ex) {
System.err.println(ex);
return null ;
}
return sb.toString() ;
}
Bill
Jeroen Wenting
Ranch Hand

Joined: Oct 12, 2000
Posts: 5093
Yes, that is the only way I know of.
Encrypt the password before storing it, then encrypt the password entered in the authentication request before doing a simple string comparison.
It works well, except that there is no way to ever recover someone's password if he/she looses it. You'll have to create a random password generator to resend lost passwords.


42
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Encryption in XML