I'm currently developing a system which allows the user to login to perform their activities.
As a requirement, I'm developing a way for the user to reset their password if they forget.
Now, my web service is tied to a database, where it generates a unique token (expires after a certain amount of time)
and emails this to the user, for them to click and reset their password etc. The URL (with the unique token) they click is a JSP page, where I have
two fields and a "Submit" button.
As a security measure, I have two seperate JSP pages. One which is public accessible (contains the unique token, button, and two text fields),
and one that is inside the WEB-INF folder. I can forward the token parameter from the public accessible JSP to the JSP page inside the WEB-INF folder.
Is there a way that I can grab all of the parameters from the text fields on the JSP page and token, to send this off to my webservice.
Just a suggestion. How about you a form on the public page with 3 fields
2 text fileds -> for name and password ( I am guessing its a password reset page from your URL)
Then submit this form to the JSP to WEB_INF one and you will get all the 3 params in that JSP.
However, this is just one way of doing it , there can be other.
Muhammad Saif Asif Mirza
OCJA(5/6) OCJP(6) OCJWCD(6)