File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes JSP and the fly likes Esapi Test Page Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login
JavaRanch » Java Forums » Java » JSP
Reply Bookmark "Esapi Test Page" Watch "Esapi Test Page" New topic
Author

Esapi Test Page

Michele Smith
Ranch Hand

Joined: Oct 27, 2010
Posts: 298
posted private message
0
Quote
I am having trouble with the items which call the Esapi encryption, however, I am able to verify page level encryption. I highlighted in bold what I am having trouble with, it doesn't return a value at all. Thanks,
Michele

P.S. If you have any ideas at all about this, please let me know. Thanks,
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
<%@ page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>

<%@page import="org.owasp.esapi.*"%>
<%@page import="org.owasp.esapi.crypto.CipherText"%>
<%@page import="org.owasp.esapi.crypto.PlainText"%>
<%@page import="org.owasp.esapi.errors.EncryptionException"%>



<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html>

<head>

<title>ESAPI Test Page</title>

</head>

<body>

<%
String queryString = request.getQueryString();

String encryptedQueryString = ESAPI.httpUtilities()
.encryptQueryString(queryString);

//Map decryptedQueryString = (Map) ESAPI.httpUtilities().decryptQueryString( encryptedQueryString );
%>

<%
// parentId => encrypted query string
String parentId = ESAPI.httpUtilities().encryptQueryString(
request.getQueryString() );

%>


<p>
The encrypted querystring for the parameters (parentId) is:
<%=parentId%></p>


<p>
The encrypted querystring for the parameters (parentId) is:
<%="ESAPI:httpUtilities.encryptQueryString(parentId)"%> </p>




<% // userId => encrypted query string
String userId = ESAPI.httpUtilities().encryptQueryString(
request.getQueryString() );

%>

<p>
The encrypted querystring for the parameters (userId) is:
<%=userId%></p>

<p>
The encrypted querystring for the parameters (userId) is:
<%="ESAPI:httpUtilities.encryptQueryString(userId)"%> </p>




<% // homeid => encrypted query string
String homeid = ESAPI.httpUtilities().encryptQueryString(
request.getQueryString() );

%>


<p>
The encrypted querystring for the parameters (homeid) is:
<%=homeid%></p>

<p>
The encrypted querystring for the parameters (homeid) is:
<%="ESAPI:httpUtilities.encryptQueryString(homeId)"%> </p>


<% // mode => encrypted query string
String mode = ESAPI.httpUtilities().encryptQueryString(
request.getQueryString() );

%>

<p>
The encrypted querystring for the parameters (mode) is:
<%=mode%></p>


<p>
The encrypted querystring for the parameters (mode) is:
<%="ESAPI:httpUtilities.encryptQueryString(mode)"%> </p>




<%
// if ( decryptedQueryString.equals( queryString ) ) {
%>





</body>

</html>
 
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to run our stuff on 16 servers instead of 3.
 
subject: Esapi Test Page
 
Similar Threads
login servlet = login successful doesn't show
The local variable may not have been initialized.
RC4 Encryption Issue
JSP, Solr - How to get fields from an Interator
dreamweaver & access