> it must be sent over the network un-encrypted once.
If you want the password to travel unencrypted over
the network connect to the client using SSL/TLS.
What kind of a client do you have???
If you use SSL/TLS only for the authentication routine the
overhead is negligible.
Cheers
Rajesh
===========================================================================
To unsubscribe: mailto [EMAIL PROTECTED] with body: "signoff JSP-INTEREST".
For digest: mailto [EMAIL PROTECTED] with body: "set JSP-INTEREST DIGEST".
Some relevant FAQs on JSP/Servlets can be found at:
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.html
http://www.jguru.com/jguru/faq/faqpage.jsp?name=JSP
http://www.jguru.com/jguru/faq/faqpage.jsp?name=Servlets
