Thanks,At last some one understood my proble.But in which files i have to make changes to implement Acegi security. regards, ajay
Nathan Anderson <[EMAIL PROTECTED]> wrote: I agree, encryption does not really solve the problem if the users are determined to get to the data. The better way to fix this is to implement more Acegi features [e.g. method invocation interceptors] so users can only access the methods and objects they should be able to get to. Nathan ----- Original Message ----- From: "Jason Brice" To: users@appfuse.dev.java.net Sent: Friday, April 27, 2007 7:57:44 AM (GMT-0800) America/Los_Angeles Subject: Re: [appfuse-user] query about url encryption I think a much better way to do this would be to control what users have access to what data through the service layer your application than try and fool them with encrypted parameters. If you must, you could always base64 encode/decode the parameters. That would turn the string "How now brown cow" into "SG93IG5vdyBicm93biBjb3c=". Bullet proof against kids in tree-houses, but not acceptable encryption by any real world means. Jason On 4/27/07, ajay pokale wrote: > > I want to do this,because when we are passing some parameter id or > methods names some through url ,some users are modifying the urls and > getting data which they are not supposed to acess. > > > > > *Nathan Anderson * wrote: > > I've never done this, so I wouldn't even know where to start. But I'm > wondering what the purpose of this is? Is the idea to make it harder for > users to guess a URL they might want to get to but should not have access > to? Or perhaps it is a helpful in making the app more Search Engine > friendly? > > Just curious... > > Nathan > > > ----- Original Message ----- > From: "ajay pokale" > To: users@appfuse.dev.java.net > Sent: Friday, April 27, 2007 12:01:17 AM (GMT-0800) America/Los_Angeles > Subject: Re: [appfuse-user] query about url encryption > > If we go on suppose yahoomail.com and do login, then we get a encrypted > url in our browser . > Like that If i click on url suppose > http://appfuse.org/display/APF/Web+Filters > Then it should look like in browser for example > http://appfuse.org/display/APF/Xfc+GjMufst > Should encrypt the letters in url while showing in browser. > > I have to do same in my appfuse project ,then in which files i have to do > changes. > > > > Thanks , > Ajay > > > Matt Raible wrote: > What do you mean by URL encryption - SSL? > > Matt > > On 4/26/07, ajay pokale wrote: > > Hi, > > I want to know about how to do url encryption in Appfuse. > > > > Waitng for possitive reply. > > > > Thanks, > > Ajay. > > > > ________________________________ > > Ahhh...imagining that irresistible "new car" smell? > > Check out new cars at Yahoo! Autos. > > > > > > > -- > http://raibledesigns.com > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > --------------------------------- > Ahhh...imagining that irresistible "new car" smell? > Check outnew cars at Yahoo! Autos. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > ------------------------------ > Ahhh...imagining that irresistible "new car" smell? > Check out new cars at Yahoo! Autos. > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------- Ahhh...imagining that irresistible "new car" smell? Check outnew cars at Yahoo! Autos.
