In your login page, do a POST instead of a GET. You will also have to
overide doPost() instead of doGet() in your servlet.
Chris
> -----Original Message-----
> From: sidaty [SMTP:[EMAIL PROTECTED]]
> Sent: Wednesday, September 15, 1999 11:37 AM
> To: [EMAIL PROTECTED]
> Subject: Problem with browsing PASSWORD field in Servlet urls
>
> Hi all ,
>
> I am facing the following problem :
> Each time we access th main servlet of an application project , this
> servlet
> asks for the name and password of the user
> who wants to connect to that application .
> But the problem is that the password field he submits is always browsed
> into
> the URL window of the servlet.
> like in the next line :
> http://bcm600:8081/servlet/servlet02?nom=user1&password=password1&envoi=So
> um
> ettre+la+requ%EAte
>
> notice the fields name =user1
> password=password1
> How can i avoid such behavior and garantee that servlets will not expose
> people passwords publicly .
>
> Thanks in advance .
>
> __________________________________________________________________________
> _
> To unsubscribe, send email to [EMAIL PROTECTED] and include in the
> body
> of the message "signoff SERVLET-INTEREST".
>
> Archives: http://archives.java.sun.com/archives/servlet-interest.html
> Resources: http://java.sun.com/products/servlet/external-resources.html
> LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
