tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Power-Netz \(Schwarz\)" <schw...@power-netz.de>
Subject AW: Security problem?
Date Fri, 07 Jun 2002 08:50:39 GMT


> -----Urspr√ľngliche Nachricht-----
> Von: Laura [mailto:lauradiara@libero.it]
> Gesendet: Freitag, 7. Juni 2002 10:47
> An: tomcat-user@jakarta.apache.org
> Betreff: Security problem?
>
>
> Hi all,
>
> it might be that I have a security problem and you should tell me if I am
> right.
> Well, I have a server with an ecommerce application: an user can buy
> something a when he has to pay the servlet of the web application
> executes a
> redirect to my servlet (in a different server) passing me the sum
> of money
> that the user has to pay.
>
> Could the user change the sum of money? Is redirect secure?

put the value into an object, serialize it and send the object directly to
the other servers app. at best via SSL, or
encrypt it yourself ( at least the stored informations ).

M.Schwarz


--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message