In article <46**************************@posting.google.com >,
Joe Ray <ra****@hotmail.com> wrote:
I am interested in passing encrypted HTML form data to a JSP page
where it is than decrypted. Can someone suggest a technique to do this
and the technology or encryption method I should use. If you have any
web resources I would appreciate that as well. Thanx in advance.
Perhaps the easiest way to take advantage of the SSL layer provided by be
Servlet Container. It's one of those "gotta have" items that any system
should have: Tomcat, Websphere, Netscape, Jetty, Orion, all have it.
It uses standard HTTPS. The Container handles the SSL details so that
the JSP gets the data after it's been unencrypted.
While all the different Container makers implement it differently at
the container level, all the JSP programmer has to do is make sure
that the specific JSP appears in the security constrint section of the
web.xml file.
<security-constraint>
<display-name>Secure Area</display-name>
<web-resource-collection>
<web-resource-name>JSP</web-resource-name>
<url-pattern>sensitivepage.jsp</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>