Reputation: 8874
how to pass password and username from servlet to other secure
I am using java servlet with google app engine. I need a secure way to pass a pass and user name from one servlet to other. what is a good way?
thanks!
Upvotes: 0
Views: 2515
Answers (2)
Reputation: 1108537
If the data needs to be request scoped, just pass it as request attribute.
User user = new User(username, password);
request.setAttrubute("user", user);
request.getRequestDispatcher("/otherServletUrl").forward(request, response);
In the other servlet it's available as:
User user = (User) request.getAttribute("user");
// ...
If the data needs to be session scoped, just store it in the session scope. This also survives redirects.
User user = new User(username, password);
request.getSession().setAttrubute("user", user);
response.sendRedirect(request.getContextPath() + "/otherServletUrl");
In the other servlet it's available as:
User user = (User) request.getSession().getAttribute("user");
// ...
There's absolutely no need to encrypt this information as it isn't exposed in public. The data is entirely stored in server memory. I only wonder how it's useful to pass passwords around. You usually keep them in the database which is been validated upon login and then only pass the user identifier around.
Upvotes: 2
Reputation: 8874
this is a very good information to do that: http://www.devarticles.com/c/a/Java/Password-Encryption-Rationale-and-Java-Example/
Upvotes: -1
Related Questions
- How can I get the value of the request parameters "j_username" and "j_password"?
- Java Servlet JDBC authentification
- how to pass username and password parameter in loginpage that are saved already in my database?
- Java servlet and authentication
- Pass parameters to my login.jsp
- Authentication Via Servlet
- Servlet security authentication
- How to pass session value to another web application/project in java
- java ee - authenticate users using servlets
- servlet authentication and further reference to the credentials