"meera.g.nayak" wrote:
> I want to know if there are any limits on the amount of session objects
> that can be put in a session.
There is no limit on the number of objects stored in the session, as long
as they have unique keys. Think of it as a Hashtable with a few extra
features.
>
> 2.If we use a get method to submit our forms the elements get displayed
> along with the url .if we have a password that also gets displayed.how
> do we suppress this
Use the POST method instead, and the form fields are included in the body
of the message. They are not visible in the URL, but they are still in
cleartext in the message.
>
> and how can we encrypt our passwords.
>
It is possible but quite complex to encrypt things, but you really need to
think about whether it's worth the effort to only encrypt a password.
Preventing all possible attacks (such as a "man in the middle" attack where
someone can read and possibly modify all the messges going back and forth)
is quite challenging.
The simplest way to deal with it from the developer's perspective is to run
on top of an SSL or TLS based server, where everything that goes back and
forth is encrypted for you automatically.
>
> thanks in advance
> meera
Craig McClanahan
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
FAQs on JSP can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
