Pid wrote:
>David Kerber wrote:
>
>
>>Pid wrote:
>>
>>
>>
>>>here's another obvious question:
>>>
>>>if you're in a servlet, and you're getting an & separated string from
>>>somewhere, where is the "somewhere" that you're getting it from?
>>>
>>>does the servlet activate and collection the data somehow, or does the
>>>data get sent to the servlet (in, for example the query string)?
>>>
>>>
>>>
>>>
>>The data is sent via an HTTP POST request, with the query string lightly
>>encrypted.
>>
>>
>
>if it's sent to the servlet using a POST, is there anything wrong with
>using the hreq.getParameterNames() & hreq.getParameter("param_name")
>methods?
>
>
Encryption/obfuscation of the data. I receive one parameter in the
clear, and a 2nd parameter is a lightly encrypted string containing the
rest of the data. That makes it a but harder to break the data than
encrypting each parameter separately would. I grab these two items with
the getParameter() methods, but then need to break out additional data
from the data string once it is decrypted.
>
>Why encrypt the query string when you could just use an SSL connection
>and encrypt the pipe? (Ignore this Q if you don't have control of the
>other end).
>
>
It's a major hassle to change the other end of the pipe, though it can
be done if absolutely necessary. SSL also takes a lot more cpu power to
process than the light encryption this app uses.
Dave
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
|