Hi, 2008/6/26 Al Sutton <[EMAIL PROTECTED]>: > I was thinking more along the lines of encrypting the userId and password > hash using AES, store the value in the cookie, then if the cookie is > available during another session decrypt, check everything matches, and let > them back in.
But you will have to store keys on the server side for future use, maybe simple MD5 plus some arbittary text will be better? http://java.sun.com/developer/technicalArticles/Security/AES/AES_v1.html Regards -- Lukasz http://www.lenart.org.pl/ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]