This week's book giveaways are in the Refactoring and Agile forums.
We're giving away four copies each of Re-engineering Legacy Software and Docker in Action and have the authors on-line!
See this thread and this one for details.
Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

How to read POST parameters?

 
Ramaprasad Kolla
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,
I have a business scenario here...

1. User logs into SAP Portal with defined userid/password
2. Portal has a hyperlink, that when clicked navigates the user to our application (some xyz say) in a new window. Internally Portal sends
a GET request, appending the userid given in step 1 onto URL, to our application deployed on WebSphere Process Server. URL shown
on the new browser window is in encrypted form but when user opens up a blank window and types the starting characters of the
actual URL of our application it is shown along with the userid parameter appended to URL. If this is the case then users can change
the userid value and can misuse the application. Please provide any suggestions to overcome this misuse..

Note: We have tried a POST request from SAP Portal but we are unable to read the userid parameter

Thank you in advance,
 
Abhishk Gupta
Greenhorn
Posts: 22
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Rama,

I am not sure how SAP portal works but if you have the userid/pwd in request, this should work.
If you don't have the current request handy, add this in your code and check if it works.

 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic