| Author |
Base64 Encoding
|
aymane chetibi
Ranch Hand
Joined: Apr 12, 2006
Posts: 175
|
|
hello all,
I just have a simple question:
I am encoding a string using Base64 encoding.
Can anyone given the code know what the string was (decode it)?
regards,
|
 |
Henry Wong
author
Sheriff
Joined: Sep 28, 2004
Posts: 16815
|
|
Originally posted by aymane chetibi:
hello all,
I just have a simple question:
I am encoding a string using Base64 encoding.
Can anyone given the code know what the string was (decode it)?
regards,
Sure... Why not?
Base64 is not encryption. It is used to convert binary data into text (readable) characters.
Henry
|
Books: Java Threads, 3rd Edition, Jini in a Nutshell, and Java Gems (contributor)
|
|
aymane chetibi
Ranch Hand
Joined: Apr 12, 2006
Posts: 175
|
|
Ok so in this case that's not what I want.
I am developping an application, and whenver the user creates an account I want to create a signature for that username and sent it in an email so that I can validate his account when he clicks on the link.
I tried using MD5 but then when I can the signature it's impossible to recover the first string. What do you advise me to do?
thank you.
|
|
Henry Wong
author
Sheriff
Joined: Sep 28, 2004
Posts: 16815
|
|
When I recommended base64 encoding in your other thread, it was in addition to your md5 work. This was because you needed the md5 hash as part of a url. I didn't suggest that it be use instead of md5.
As for being able to recover the password. Is that really necessary? I thought all you wanted was to confirm the correct password -- you don't actually need to recover it, to confirm if the user entered the correct password.
Henry
|
|
aymane chetibi
Ranch Hand
Joined: Apr 12, 2006
Posts: 175
|
|
It's not even the password.
Iam encoding the "Username".
to send a url like http://host/webapps/myApp/activateAccount?user="toto"&signature="signature generated from toto"
can you please explain to me how can I use both md5 and base64 encoding to do this simple thing ?
Thank you so much....
|
|
Henry Wong
author
Sheriff
Joined: Sep 28, 2004
Posts: 16815
|
|
Okay, I see...
First, the signature is something like this...
You still have to write both the methods to encode the md5 and base64. Noticed that the purpose of the base64 is so that you can have a string to add to a URL. If someone decodes it, all they get is the md5 hash -- and not the name.
Now how do you confirm this, when the user clicks it? Like this...
Notice that the signature is generated again -- as it is not possible to get the original name from the signature.
Henry
|
|
aymane chetibi
Ranch Hand
Joined: Apr 12, 2006
Posts: 175
|
|
Now it works fine.
Thank you.
regards,
|
|
 |
|
|
subject: Base64 Encoding
|
|
|
0
