Reputation: 7647
Struts 2 encription user name and password
In a Struts2 application I am encrypt user name and password using JCription. When the user click the submit button I call a JavaScript function and I submit the form with the encrypted user name and password. With in this JavaScript function I am setting the encrypted user name and password in as below in order to retrieve them and decrypt in the action class.
document.getElementsByName("user.login")[0].value=encryptedValue;
Below is JSP file where the user name and password resides,
<s:textfield name="user.login" maxlength="20" size="20"/>
<s:fielderror>
<s:param value="%{'user.login'}" />
</s:fielderror>
The whole idea of doing above is to eliminate the hackers to inspect the user name and password in the request when post it.
The problem is once user clicks the submit button, the login and password field change to encrypted hexadecimal value in the login and password field because of my above assignment. How to achieve the same with out changing the non encrypted user name and password user initially enter in the UI?
Upvotes: 1
Views: 1798
Answers (1)
Reputation: 1
You should keep the text fields outside the form that you submitting. It should prevent this fields from submit, and the user could enter the values seeing it unchanged. In the form that you submit keep the hidden fields for each textfield and put encrypted values there before submit. You could do it oncklick or onsubmit events.
Upvotes: 1
Related Questions
- How to use Form Based Authentication with Tomcat in Struts 1?
- Authentication in struts2
- Struts2: how to store safety username and password from action to action
- Struts Database Login
- Url Encryption in java(Struts2)
- Spring-Security PasswordEncoder returns null
- How to implement Form based authentication with struts2
- password tag in struts2 not working properly
- struts 2 password preset value
- How to programatically encrypt/decrypt plain text credentials in JSP?