Thanks for the info! Shan
dusty wrote: > > Since you are using Struts2, I think the best method is Interceptors. > For inbound requests, you would put your decrypting interceptor BEFORE > your parameters interceptor and it should work like a charm. For > encrypting links and hidden field values, I think that is two > different issues. For links you would want to create your own tag the > incorporates the encryption. For hidden fields you want to encrypt > certain values in the ValueStack. I think you can use an interceptor > here as well, that will detect it is running for the result (after the > action) and then you can possibly swap a value for an encrypted value. > > -D > > On Dec 22, 2008, at 8:27 PM, ashan wrote: > >> >> Good explanation. >> >> Is there a way to encrypt (transparently) form hidden fields and url >> link >> parameters? >> >> Like the ones explained here: >> >> http://today.java.net/pub/a/today/2008/05/20/securing-your-applications-request-parameters.html >> >> http://www.hdiv.org/ >> >> >> Thanks, >> Shan >> >> >> >> melinate wrote: >>> >>> Those are your basic options--store it in the request or in the >>> session. Neither is "better" than the other, but there are some >>> differences that might make one better suited to a particular >>> scenario. For example, if you need to hide the values from the user >>> or >>> ensure the are not tampered with, store them in the session. The down >>> side to storing in the session is that it uses more server resources, >>> especially if in a clustered environment. >>> >>> Hope that helps, >>> Nathan >>> >>> >>> >>> On 12/22/08, ashan <arthan...@gmail.com> wrote: >>>> >>>> I'm working on a project that is build on top of Appfuse struts2 >>>> framework. >>>> I need to pass some values between Actions. In the past I used to >>>> pass >>>> these >>>> values either keeping in the form's hidden values or in session >>>> attributes. >>>> >>>> Is there a better alternative ways to do this now? >>>> >>>> >>>> Thanks! >>>> -- >>>> View this message in context: >>>> http://www.nabble.com/passing-values-between-Actions---any-best-practice--tp21134753s2369p21134753.html >>>> Sent from the AppFuse - User mailing list archive at Nabble.com. >>>> >>>> >>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: users-unsubscr...@appfuse.dev.java.net >>>> For additional commands, e-mail: users-h...@appfuse.dev.java.net >>>> >>>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: users-unsubscr...@appfuse.dev.java.net >>> For additional commands, e-mail: users-h...@appfuse.dev.java.net >>> >>> >>> >> >> -- >> View this message in context: >> http://www.nabble.com/passing-values-between-Actions---any-best-practice--tp21134753s2369p21139437.html >> Sent from the AppFuse - User mailing list archive at Nabble.com. >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@appfuse.dev.java.net >> For additional commands, e-mail: users-h...@appfuse.dev.java.net >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@appfuse.dev.java.net > For additional commands, e-mail: users-h...@appfuse.dev.java.net > > > -- View this message in context: http://www.nabble.com/passing-values-between-Actions---any-best-practice--tp21134753s2369p21156831.html Sent from the AppFuse - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@appfuse.dev.java.net For additional commands, e-mail: users-h...@appfuse.dev.java.net
