[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Can I use sendRedirect() and hide parameters?

Posted on 2001-09-18
12
Medium Priority
?
451 Views
Last Modified: 2007-12-19
I need to forward users to another domain say, "http://www.thenewdomain.com" and there are some required parameters that need sending say, "login="joe".

I know that I can create one full string "http://www.thenewdomain.com?login=joe" and use sendRedirect() but when I do that the parameters show up in the URL Address line of the browser.  I need to hide those parameters similar to the HTML GET.

Does anyone know of a way to do that??

Thanks!
0
Comment
Question by:pzila
  • 4
  • 2
  • 2
  • +3
12 Comments
 
LVL 15

Expert Comment

by:a.marsh
ID: 6493597
You mean similar to HTTP POST, not GET.

It can't be done using sendRedirect. You actually need to build the POST request within the servlet.

I'm afraid I don't have any example code.......I'll see what I can find.

:o)

Ant
0
 
LVL 19

Expert Comment

by:cheekycj
ID: 6493771
Unfortunately with Servlets you cannot add GET or Post Parameters.

You can add attributes (java objects, strings, etc) to the request object.

Then you can forward the request to a JSP that will have access to all the attributes you attached to the request object.

The only way I have seen adding of Parameters (like FORM GET/POST) is when you do JSP include of a file and pass parameters via the Jsp:param tag.

CJ
0
 
LVL 6

Expert Comment

by:holli
ID: 6494252
encrypt the parameter, then it can be seen but not understood or correctly changed.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 

Expert Comment

by:beegled
ID: 6498673
holli,

I have a question.  If you pass the login and password like http://login:password@www.website.com/, is there a way to encrypt that login and password and still have it work?

David
0
 
LVL 6

Expert Comment

by:holli
ID: 6499287
once you do not have a https - connection all text will be transferred unencrypted in clear text.
to be sure, use a https for the login.
0
 
LVL 19

Expert Comment

by:cheekycj
ID: 6500053
You can use Encryption methods just for Login and Password.. but passing them via the URL is still not a good approach.  For maximum security rely on FORM posts over SSL.

CJ
0
 

Expert Comment

by:beegled
ID: 6500967
Unfortunately, in this specific case, I can only use http and have to add it to the url.  Oh well, not a biggie, thank you.
0
 
LVL 19

Expert Comment

by:cheekycj
ID: 6500989
Then I would use one of the many crypt libs available to encrypt the username and password.. and then use the URL.

CJ
0
 
LVL 53

Expert Comment

by:COBOLdinosaur
ID: 6855019
This question has been abandoned. I will make a recommendation to the
moderators on its resolution in a week or two. I appreciate any comments
that would help me to make a recommendation.

Cd&
0
 
LVL 19

Expert Comment

by:cheekycj
ID: 6855111
I am not sure here.. probably just PAQ it.

CJ
0
 
LVL 53

Expert Comment

by:COBOLdinosaur
ID: 6892889
It is time to clean this abandoned question up.  

I am putting it on a clean up list for CS.

<recommendation>
zero PAQ

</recommendation>

If anyone participating in the Q disagrees with the recommendation,
please leave a comment for the mods.

Cd&
0
 
LVL 5

Accepted Solution

by:
Netminder earned 0 total points
ID: 6909029
Per recommendation, points refunded and question closed by
Netminder
CS Moderator
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

FAQ pages provide a simple way for you to supply and for customers to find answers to the most common questions about your company. Here are six reasons why your company website should have a FAQ page
Australian government abolished Visa 457 earlier this April and this article describes how this decision might affect Australian IT scene and IT experts.
This video teaches users how to migrate an existing Wordpress website to a new domain.
The is a quite short video tutorial. In this video, I'm going to show you how to create self-host WordPress blog with free hosting service.
Suggested Courses
Course of the Month19 days, 16 hours left to enroll

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question