This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
I'm getting back into the saddle here after a few months out to pasture and had a couple questions regarding Servlets 4b.
It mentions the method to retrieve values from a Cookie. But, the instructions do not mention what we should do with this value.
Are we supposed to compare the value of the cookie to some expected value? In this case it is a password. But the only way to do that is to store the password as a string when it is entered. I thought it was not a good idea to store passwords in this way.
Am I missing something or did you have something different in mind?
In fact, when you get a little more skill under your belt, you should never store a password ever. But that is another discussion for another day.
What you are going to do is to store something in the cookie that is your own personal proof that you know that you wrote that, not some hacker. For the sake of this assignment, response.addCookie( new Cookie("favorite_cheese", "extra stinky bloo cheese") ); is acceptable. For the real world when the data does not have particularly great value, writing "dfwegx", "94tuw62k" is probably good enough. For higher security, you might work in an obfuscated time/date algorithm with a CRC or rich hash.