Encription
[272 byte] By [farakha] at [2007-11-27 6:12:47] 
<.... action=/servlet/rcvData method=post>when the form submits data its look like:http://www.domainName.com/servlet/login?user=asdf&pass=asdfthe user is seeing login/pass. how do i encrypt?thanks
ssl
prob.not.sola at 2007-7-12 17:20:21 >
> sslSSL for secure connection , and the poster want only to encrypt data
eaajea at 2007-7-12 17:20:21 >
> > ssl> > SSL for secure connection , and the poster want only> to encrypt datayeah; and that's what ssl does.
prob.not.sola at 2007-7-12 17:20:21 >
> > > ssl> > > > SSL for secure connection , and the poster want> only> > to encrypt data> > yeah; and that's what ssl does.and is the only sensible way to do it.
sabre150a at 2007-7-12 17:20:21 >
> > > > ssl
> > >
> > > SSL for secure connection , and the poster want
> > only
> > > to encrypt data
> >
> > yeah; and that's what ssl does.
>
> and is the only sensible way to do it.
ssl is hardly sensible.
prob.not.sola at 2007-7-12 17:20:21 >
> > and is the only sensible way to do it.> > ssl is hardly sensible.:-)
sabre150a at 2007-7-12 17:20:21 >
> > > and is the only sensible way to do it.> > > > ssl is hardly sensible.> > :-):Pi expected an argument on that one :)
prob.not.sola at 2007-7-12 17:20:21 >
so there is no another way to encrypt data unless by SSL ? SSL not only for encrypt data its also prevent Man in The Middle and have Key management ( public , private)
eaajea at 2007-7-12 17:20:21 >
> > > > and is the only sensible way to do it.
> > >
> > > ssl is hardly sensible.
> >
> > :-)
>
> :P
>
> i expected an argument on that one :)
Nothing to argue! Having spent several hours going through "SSL and TLS Essentials" I would agree.
I think the OP should also be aware that he will need to use POST rather than the GET as in his example.
sabre150a at 2007-7-12 17:20:21 >
> so there is no another way to encrypt data unless by
> SSL ?
well of course there is,
> SSL not only for encrypt data its also prevent Man
> in The Middle and have Key management ( public ,
> private)
well, encryption prevents man in the middle attack; ssl does use rsa for a setup phase, but the actual data isn't encrypted with that.
prob.not.sola at 2007-7-12 17:20:21 >
as i know , encryption doesn't prevent Man in the Middle attack .Mutual Authentication , Kerberos , prevent man in the Middle ,but encryption it self not prevent Man in the Middle
eaajea at 2007-7-12 17:20:21 >
> as i know , encryption doesn't prevent Man in the
> Middle attack .
> Mutual Authentication , Kerberos , prevent man in the
> Middle ,
> but encryption it self not prevent Man in the Middle
well, kerberos is just a protocol; mitm is about editing/reading messages that are passed through the 'man'.
if it's encrypted [symmetrically] then this attack is not possible.
some replay is possible; obviously, but depending on the implementation of the protocol you can avoid that easily.
symmetric encryption is typically enough.
prob.not.sola at 2007-7-12 17:20:21 >
> <.... action=/servlet/rcvData method=post>> when the form submits data its look like:> http://www.domainName.com/servlet/login?user=asd> f&pass=asdfYou have a form that is doing a post that looks like that?
cotton.ma at 2007-7-12 17:20:21 >
> > <.... action=/servlet/rcvData method=post>
> > when the form submits data its look like:
> >
> http://www.domainName.com/servlet/login?user=asd
>
> > f&pass=asdf
>
> You have a form that is doing a post that looks like
> that?
thanks for replies. plz let me know what should i do?
farakha at 2007-7-12 17:20:21 >
> > > <.... action=/servlet/rcvData method=post>
> > > when the form submits data its look like:
> > >
> >
> http://www.domainName.com/servlet/login?user=asd
>
> >
> > > f&pass=asdf
> >
> > You have a form that is doing a post that looks
> like
> > that?
>
> thanks for replies. plz let me know what should i do?
Well for one thing I would investigate why my post form was doing a get instead....
Then. Use SSL. This was mentioned several times now. Is there something about that answer that you do not understand?
cotton.ma at 2007-7-21 21:46:00 >
> Then. Use SSL. This was mentioned several times now.> Is there something about that answer that you do not> understand?thanks cotton.m for replyUse SSL>> this is the problem sir that how i use it
farakha at 2007-7-21 21:46:00 >
Java Essentials New Topic
Java Essentials Hot Topic
Java Essentials
All Classified
- Archived Forums
- Enterprise & Remote Computing
- Java Essentials
- Desktop
- Core
- Solaris Operating System
- Security
- Database Connectivity
- Java Mobility Forums
- Web & Directory Servers
- Development Tools
- Application & Integration Servers
- Java HotSpot Virtual Machine
- Other Topics
- E-Mail, Calendar, & Collaboration
- Developer Tools
- General
- Administration Tools
- Sun Hardware
- Storage Forums
- Java Enterprise System
- StarOffice
- Open Source Technologies
- BigAdmin
- Real-Time
- Java Coding