jQuery in Action, 3rd edition
The moose likes Security and the fly likes encrypting/decrypting query strings Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "encrypting/decrypting query strings" Watch "encrypting/decrypting query strings" New topic

encrypting/decrypting query strings

Matt Newboult

Joined: Feb 08, 2007
Posts: 2
I have an unusual problem that I'm struggling to get help with. We have a website with a login procedure and another site would like to access the site (from theirs) without having to logon. They want it to appear seamless. To do that they want to provide a hyperlink with the user and password in it as url parameters. Their site runs with ASP over IIS and ours using J2EE running OC4J (Oracle J2EE). Does anyone know of any good resources to look at to solve this?

I'm looking for something that will allow their ASP developers to encrypt a string so that I can decrypt it using J2EE. I've found Java->Java versions, but am looking for something that will work across these two platforms.

Any comments appreciated.
[ February 08, 2007: Message edited by: Matt Newboult ]
Rahul Bhattacharjee
Ranch Hand

Joined: Nov 29, 2005
Posts: 2308
To my best of knowledge , Algorithms and the parameters to those are like specification.So as long as the algorithm used by Asp is same as the algorithm used by j2ee to decrypt.It's ok and should work.

Rahul Bhattacharjee
LinkedIn - Blog
Hung Tang
Ranch Hand

Joined: Feb 14, 2002
Posts: 148
There should be algorithms available on both platforms. Try looking into RC-4. It's pretty simple to understand, analyze, fast, code and secure. The hardest part is probably dealing with key-management. If the key won't change much, this isn't probably much of a concern. But if you need a more robust solution, then you need to add in public-key encryption like RSA. This is pretty much then SSL So you might just re-think to make everything done over SSL.
I agree. Here's the link: http://aspose.com/file-tools
subject: encrypting/decrypting query strings
jQuery in Action, 3rd edition