File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes XML and Related Technologies and the fly likes Encryption in XML Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » XML and Related Technologies
Bookmark "Encryption in XML" Watch "Encryption in XML" New topic

Encryption in XML

dr priti

Joined: Mar 05, 2001
Posts: 18
I am using a XML file for login name and password validation. I want to encrypt it, so that no body should be able to see the password fields. I want to use JSP. Please help me in detail.

William Brogden
Author and all-around good cowpoke

Joined: Mar 22, 2000
Posts: 13036
Java has some nice encryption and digital signature classes.
Look in the package
I suppose you could apply the MD5 message digest algorithm to the supplied password and store that. I was fiddling with this recently.
static String md5sum(byte[] intext){
StringBuffer sb = new StringBuffer();
try {
// get Instance from Java Security Classes
MessageDigest md5 = MessageDigest.getInstance("MD5");
byte[] md5rslt = md5.digest( intext );
for( int i = 0 ; i < md5rslt.length ; i++ ){
sb.append(Integer.toHexString( (0xff & md5rslt[i])));
} catch(NoSuchAlgorithmException ex) {
return null ;
return sb.toString() ;
Jeroen Wenting
Ranch Hand

Joined: Oct 12, 2000
Posts: 5093
Yes, that is the only way I know of.
Encrypt the password before storing it, then encrypt the password entered in the authentication request before doing a simple string comparison.
It works well, except that there is no way to ever recover someone's password if he/she looses it. You'll have to create a random password generator to resend lost passwords.

I agree. Here's the link:
subject: Encryption in XML
jQuery in Action, 3rd edition