How to encode QueryString in ASP.NET 2.0 and decode in JSP?

After migrating to a ASP.NET 2.0 application I have to add a link to a legacy application written in Java.  Basically my app will use redirect to a login page with http://localsite/login.jsp?name=John&pwd=Hello.  I do not want to display credentials as clear text, what should be done in order to encrypt querystring in ASP.NET 2.0 and then deciphered on JSP page?
LVL 11
TornadoVAsked:
Who is Participating?
 
RamuncikasCommented:
1. Construct a string containing a user name and password.
     Dim str as string="user=John&pwd=Hello"

2. Encrypt this string with some string encription.

3. Pass the resulting string to java app
     Response.redirect("http://localsite/login.jsp?user=" & MyEcryptedString)

4. Decrypt that string at java app side, parse it into user name and password and check if credentials are valid...
0
 
frodomanCommented:
Querystring is going to be visible whether you encode it or not so I'm not sure what you're asking?  You can encrypt 'John' to be 'H&y4Fv_9' but that isn't going to stop someone from copying 'H&y4Fv_9' and pasting it into a URL at a later date...

If you want to have credentials hidden then don't put them in the querystring!
0
 
TornadoVAuthor Commented:
Frodoman, I'm sorry for not being clear, it's an intranet app, I simply did not want to display user's credentials as clear text in their address bar.  I was looking for Convert.ToBase64String() equivalent in Java since I'm not proficient in it.  

I gave all points to Ramuncikas simply because I've implemented his suggestion even without looking at it first.

Thanks for your help guys!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.