• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • Liutauras Vilda
  • Jeanne Boyarsky
  • paul wheaton
Sheriffs:
  • Ron McLeod
  • Devaka Cooray
  • Henry Wong
Saloon Keepers:
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Tim Moores
  • Mikalai Zaikin
Bartenders:
  • Frits Walraven

how do i encrypt/decrypt query string.

 
Ranch Hand
Posts: 223
Eclipse IDE Firefox Browser Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
how do i encrypt/decrypt query string.
 
Ranch Hand
Posts: 177
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If with query String you mean HTTP request/response body, I think (not sure) the only way is to use HTTPS
 
hasan khan
Ranch Hand
Posts: 223
Eclipse IDE Firefox Browser Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
i already have HTTPS for my website, but what about the links such as https://www.mywebsite.com/myservlet.do?custid=786&orderid=1234&someOtherImportantParameter=5678

i dont want user to modify the value for custid, orderid and try to access someone else information.
 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You should only allow such operations for authenticated users, so that you can check whether the orderid should properly be accessible by the user in question.

If you really want to, you could use JCE for encrypting the query string, but that's not the proper solution to your problem - authentication is.
[ June 01, 2006: Message edited by: Ulf Dittmer ]
 
hasan khan
Ranch Hand
Posts: 223
Eclipse IDE Firefox Browser Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
i appreciate your alternative suggestions, but i am simply looking to encrypt/decrypt query string. i have searched on google, but i got some paid ones, i am looking for some free one which i can use in jsp.
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm not sure what you mean by "paid ones" and "free ones", but JCE can be downloaded from java.sun.com.
 
hasan khan
Ranch Hand
Posts: 223
Eclipse IDE Firefox Browser Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
ok, do u have any simple example of encrypting/decrypting a String using JCE
 
Ranch Hand
Posts: 1847
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You can't prevent people from sending corrupt data over http, whether using http or https.
The https encryption is purely to deter snooping of the data in transit.

If you don't trust your users, use heavy serverside validation in combination with https post requests in order to make it as hard as possible for them to do something nasty.
 
Ulf Dittmer
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by hasaN khaN:
ok, do u have any simple example of encrypting/decrypting a String using JCE



Did you miss the link in my earlier post? That's as bare-bones as it gets.
 
Put the moon back where you found it! We need it for tides and poetry and stuff. Like this tiny ad:
Gift giving made easy with the permaculture playing cards
https://coderanch.com/t/777758/Gift-giving-easy-permaculture-playing
reply
    Bookmark Topic Watch Topic
  • New Topic