Win a copy of Think Java: How to Think Like a Computer Scientist this week in the Java in General forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

How to read POST parameters?

 
Ramaprasad Kolla
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,
I have a business scenario here...

1. User logs into SAP Portal with defined userid/password
2. Portal has a hyperlink, that when clicked navigates the user to our application (some xyz say) in a new window. Internally Portal sends
a GET request, appending the userid given in step 1 onto URL, to our application deployed on WebSphere Process Server. URL shown
on the new browser window is in encrypted form but when user opens up a blank window and types the starting characters of the
actual URL of our application it is shown along with the userid parameter appended to URL. If this is the case then users can change
the userid value and can misuse the application. Please provide any suggestions to overcome this misuse..

Note: We have tried a POST request from SAP Portal but we are unable to read the userid parameter

Thank you in advance,
 
Abhishk Gupta
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Rama,

I am not sure how SAP portal works but if you have the userid/pwd in request, this should work.
If you don't have the current request handy, add this in your code and check if it works.

 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic