File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Encryption in XML

 
dr priti
Greenhorn
Posts: 18
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I am using a XML file for login name and password validation. I want to encrypt it, so that no body should be able to see the password fields. I want to use JSP. Please help me in detail.

 
William Brogden
Author and all-around good cowpoke
Rancher
Posts: 13045
6
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Java has some nice encryption and digital signature classes.
Look in the java.security package
I suppose you could apply the MD5 message digest algorithm to the supplied password and store that. I was fiddling with this recently.
static String md5sum(byte[] intext){
StringBuffer sb = new StringBuffer();
try {
// get Instance from Java Security Classes
MessageDigest md5 = MessageDigest.getInstance("MD5");
byte[] md5rslt = md5.digest( intext );
for( int i = 0 ; i < md5rslt.length ; i++ ){
sb.append(Integer.toHexString( (0xff & md5rslt[i])));
}
} catch(NoSuchAlgorithmException ex) {
System.err.println(ex);
return null ;
}
return sb.toString() ;
}
Bill
 
Jeroen Wenting
Ranch Hand
Posts: 5093
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes, that is the only way I know of.
Encrypt the password before storing it, then encrypt the password entered in the authentication request before doing a simple string comparison.
It works well, except that there is no way to ever recover someone's password if he/she looses it. You'll have to create a random password generator to resend lost passwords.
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic