•
•
•
•
What is DaniWeb IT Discussion Community?
You're currently browsing the JSP section within the Web Development category of DaniWeb, a massive community of 457,037 software developers, web developers, Internet marketers, and tech gurus who are all enthusiastic about making contacts, networking, and learning from each other. In fact, there are 2,682 IT professionals currently interacting right now! Registration is free, only takes a minute and lets you enjoy all of the interactive features of the site.
Please support our JSP advertiser: Lunarpages JSP Web Hosting
Views: 508 | Replies: 3
 |
•
•
Join Date: Dec 2006
Posts: 10
Reputation: 
Rep Power: 0
Solved Threads: 0
Newbie Poster
hi , actully i have read filters in servlet.
but i didnt understand , the actual working of filters ( in practicle environment).
i want to know that , when i am sending request to server and i am using filter before request went to server. so that process is happening on server side or client side ?
and i want to send password in encrypted format from html page to servlet how to do this ?
please if any one have any idea please response ( Atleast tell the process how to proceed).
but i didnt understand , the actual working of filters ( in practicle environment).
i want to know that , when i am sending request to server and i am using filter before request went to server. so that process is happening on server side or client side ?
and i want to send password in encrypted format from html page to servlet how to do this ?
please if any one have any idea please response ( Atleast tell the process how to proceed).
•
•
Join Date: Nov 2004
Location: Netherlands
Posts: 5,752
Reputation:
Rep Power: 19
Solved Threads: 200
Servlet filters always run on the server.
They can provide services that have to run before the web application processes the request, like authentication.
A filter can intercept the requests, look up credentials and permissions, and deny the request (with an error message) if the request is issued by someone who's not allowed to do so.
They can provide services that have to run before the web application processes the request, like authentication.
A filter can intercept the requests, look up credentials and permissions, and deny the request (with an error message) if the request is issued by someone who's not allowed to do so.
As people are clearly allowed to attack me but I'm not allowed to defend myself, I no longer post to this site.
•
•
Join Date: Sep 2008
Posts: 3
Reputation:
Rep Power: 0
Solved Threads: 1
Newbie Poster
•
•
•
•
Originally Posted by sach_ak47 
hi , actully i have read filters in servlet.
but i didnt understand , the actual working of filters ( in practicle environment).
i want to know that , when i am sending request to server and i am using filter before request went to server. so that process is happening on server side or client side ?
and i want to send password in encrypted format from html page to servlet how to do this ?
please if any one have any idea please response ( Atleast tell the process how to proceed).
filter always run in server env.
here's the way to send your encrypted password to server
1. add one hidden field in your login form i.e with name hashed_pass, and assume your password filed named pass
2. add onSubmit action in your form which will do these:
- hash your inputted plain password (try lo look some md5 hash javascript, there's a lot out of there)
- change you hashed_pass field value to hashed value of your inputted password
- set your password field to empty since you don't want plain value of your password is submitted
- submit the form
- authenticate using the hashed password3. done
it may like these, except i don't provide the md5 javascript code, and assume the method to perform md5 hash is md5()
javascript Syntax (Toggle Plain Text)
and in the html, form part:
html Syntax (Toggle Plain Text)
hope will help.
regards,
•
•
Join Date: Jun 2006
Location: India
Posts: 7,012
Reputation: 
Rep Power: 25
Solved Threads: 368
> here's the way to send your encrypted password to server [ snip ]
Which of course fails if Javascript is disabled on the clients' computer. And of course, using a Javascript equivalent of the hashing algorithm exposes your entire hashing logic. A better way would be to use a secure connection to send/receive critical user information like https.
Which of course fails if Javascript is disabled on the clients' computer. And of course, using a Javascript equivalent of the hashing algorithm exposes your entire hashing logic. A better way would be to use a secure connection to send/receive critical user information like https.
I don't accept change. I don't deserve to live.
Happiness corrupts people.
Failing to value the lives of others cheapens your own.
Happiness corrupts people.
Failing to value the lives of others cheapens your own.
|
•
•
•
•
•
•
•
•
DaniWeb JSP Marketplace
•
•
•
•
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
Linear Mode
Similar Threads
- How do you bypass school/corporate internate filters (Network Security)
- code to hide the url using servlet filter (JSP)
- hover over text tips (JavaScript / DHTML / AJAX)
- Function of web.xml in Tomcat (Java)
Other Threads in the JSP Forum
- Previous Thread: get current price
- Next Thread: retrieve request parameter of 1 frame to another
