pzila
asked on
Can I use sendRedirect() and hide parameters?
I need to forward users to another domain say, "http://www.thenewdomain.com" and there are some required parameters that need sending say, "login="joe".
I know that I can create one full string "http://www.thenewdomain.com?login=joe" and use sendRedirect() but when I do that the parameters show up in the URL Address line of the browser. I need to hide those parameters similar to the HTML GET.
Does anyone know of a way to do that??
Thanks!
I know that I can create one full string "http://www.thenewdomain.com?login=joe" and use sendRedirect() but when I do that the parameters show up in the URL Address line of the browser. I need to hide those parameters similar to the HTML GET.
Does anyone know of a way to do that??
Thanks!
Unfortunately with Servlets you cannot add GET or Post Parameters.
You can add attributes (java objects, strings, etc) to the request object.
Then you can forward the request to a JSP that will have access to all the attributes you attached to the request object.
The only way I have seen adding of Parameters (like FORM GET/POST) is when you do JSP include of a file and pass parameters via the Jsp:param tag.
CJ
You can add attributes (java objects, strings, etc) to the request object.
Then you can forward the request to a JSP that will have access to all the attributes you attached to the request object.
The only way I have seen adding of Parameters (like FORM GET/POST) is when you do JSP include of a file and pass parameters via the Jsp:param tag.
CJ
encrypt the parameter, then it can be seen but not understood or correctly changed.
holli,
I have a question. If you pass the login and password like http://login:password@www.website.com/, is there a way to encrypt that login and password and still have it work?
David
I have a question. If you pass the login and password like http://login:password@www.website.com/, is there a way to encrypt that login and password and still have it work?
David
once you do not have a https - connection all text will be transferred unencrypted in clear text.
to be sure, use a https for the login.
to be sure, use a https for the login.
You can use Encryption methods just for Login and Password.. but passing them via the URL is still not a good approach. For maximum security rely on FORM posts over SSL.
CJ
CJ
Unfortunately, in this specific case, I can only use http and have to add it to the url. Oh well, not a biggie, thank you.
Then I would use one of the many crypt libs available to encrypt the username and password.. and then use the URL.
CJ
CJ
This question has been abandoned. I will make a recommendation to the
moderators on its resolution in a week or two. I appreciate any comments
that would help me to make a recommendation.
Cd&
moderators on its resolution in a week or two. I appreciate any comments
that would help me to make a recommendation.
Cd&
I am not sure here.. probably just PAQ it.
CJ
CJ
It is time to clean this abandoned question up.
I am putting it on a clean up list for CS.
<recommendation>
zero PAQ
</recommendation>
If anyone participating in the Q disagrees with the recommendation,
please leave a comment for the mods.
Cd&
I am putting it on a clean up list for CS.
<recommendation>
zero PAQ
</recommendation>
If anyone participating in the Q disagrees with the recommendation,
please leave a comment for the mods.
Cd&
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
It can't be done using sendRedirect. You actually need to build the POST request within the servlet.
I'm afraid I don't have any example code.......I'll see what I can find.
:o)
Ant