• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 455
  • Last Modified:

Can I use sendRedirect() and hide parameters?

I need to forward users to another domain say, "http://www.thenewdomain.com" and there are some required parameters that need sending say, "login="joe".

I know that I can create one full string "http://www.thenewdomain.com?login=joe" and use sendRedirect() but when I do that the parameters show up in the URL Address line of the browser.  I need to hide those parameters similar to the HTML GET.

Does anyone know of a way to do that??

Thanks!
0
pzila
Asked:
pzila
  • 4
  • 2
  • 2
  • +3
1 Solution
 
a.marshCommented:
You mean similar to HTTP POST, not GET.

It can't be done using sendRedirect. You actually need to build the POST request within the servlet.

I'm afraid I don't have any example code.......I'll see what I can find.

:o)

Ant
0
 
cheekycjCommented:
Unfortunately with Servlets you cannot add GET or Post Parameters.

You can add attributes (java objects, strings, etc) to the request object.

Then you can forward the request to a JSP that will have access to all the attributes you attached to the request object.

The only way I have seen adding of Parameters (like FORM GET/POST) is when you do JSP include of a file and pass parameters via the Jsp:param tag.

CJ
0
 
holliCommented:
encrypt the parameter, then it can be seen but not understood or correctly changed.
0
Cloud Class® Course: MCSA MCSE Windows Server 2012

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

 
beegledCommented:
holli,

I have a question.  If you pass the login and password like http://login:password@www.website.com/, is there a way to encrypt that login and password and still have it work?

David
0
 
holliCommented:
once you do not have a https - connection all text will be transferred unencrypted in clear text.
to be sure, use a https for the login.
0
 
cheekycjCommented:
You can use Encryption methods just for Login and Password.. but passing them via the URL is still not a good approach.  For maximum security rely on FORM posts over SSL.

CJ
0
 
beegledCommented:
Unfortunately, in this specific case, I can only use http and have to add it to the url.  Oh well, not a biggie, thank you.
0
 
cheekycjCommented:
Then I would use one of the many crypt libs available to encrypt the username and password.. and then use the URL.

CJ
0
 
COBOLdinosaurCommented:
This question has been abandoned. I will make a recommendation to the
moderators on its resolution in a week or two. I appreciate any comments
that would help me to make a recommendation.

Cd&
0
 
cheekycjCommented:
I am not sure here.. probably just PAQ it.

CJ
0
 
COBOLdinosaurCommented:
It is time to clean this abandoned question up.  

I am putting it on a clean up list for CS.

<recommendation>
zero PAQ

</recommendation>

If anyone participating in the Q disagrees with the recommendation,
please leave a comment for the mods.

Cd&
0
 
NetminderCommented:
Per recommendation, points refunded and question closed by
Netminder
CS Moderator
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 4
  • 2
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now