When you say safe you mean:
1. safe from the client that uses the pages, in order not to adjust his rights, for
example? or
2. safe from the people that might try to steal confidential data from the users of
your site?
1. In the first case the session is the safest way (because the data is managed on the
server, no client can directly touch it).
2. Use SSL. It's unsafe even if you make your own socket connections. They :) still
might get it.
Anyway, using the session you can choose to delete the data at any time (simply
invalidating the session).
The session's purpose is the use in pages like you described.
Paul
11.03.2002 18:29:39, Nancy Crisostomo Martinez [EMAIL PROTECTED] wrote:
Thank you very much for your answers!
But Gary : ,
Do you mean the URL parameters is the only way to pass parameters from a jsp
(script code) to another jsp?
This is because I need to pass the password and username as parameters... Is this
safe?
I really want to find the safest way to pass them..
And Peter : ,
I said I don't want to use the session object because I don't know if it is
safe. Do I have to use it?, is it safe?
Thank you again!
Gary Noone wrote:
Nancy--
Rough code:
In Valida.jsp)
script
openWindow(Portal.jsp? + paramA + = + valueA);
/script
In Portal.jsp:
% String value = request.getParameter(paramA); %
script
leftframe.location.href = windowContent.jsp?param=%= value %
/script
Apologies for small mistakes in the code -- but you should get the general
idea. Drop me a line if this does not help.
Gary
-Original Message-
From: A mailing list about Java Server Pages specification and reference
[mailto:[EMAIL PROTECTED]]On Behalf Of Nancy Crisóstomo
Sent: 11 March 2002 15:30
To: [EMAIL PROTECTED]
Subject: Jsp Parameters [Urgent!]
Hi everybody!
Please I need help,...
This is not a Tomcat question, but I know here I can find some JSP
experts:
Could you tell me all the ways I could send (safe) parameters from a jsp
to a jsp file? Please discard the url parameters and the Session object...
I have a jsp (Valida.jsp) which opens a new navigator window (javascript),
and that new navigator window contents another jsp
(Portal.jsp). I need to send some parameters from Valida.jsp to
Portal.jsp. In fact the second Jsp is formed by frames and one of the
frames has a jsp (Left.jsp) that needs those parameters...
Could you please help me? Give some hints or examples... I really need
your help.. Or if you couldn't, please tell me where I can find that
information
Thank you very much..
Nancy.
===
To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff
JSP-INTEREST.
For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST
DIGEST.
Some relevant FAQs on JSP/Servlets can be found at:
http://archives.java.sun.com/jsp-interest.html
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.jsp
http://www.jguru.com/faq/index.jsp
http://www.jspinsider.com
===
To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST.
For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST.
Some relevant FAQs on JSP/Servlets can be found at:
http://archives.java.sun.com/jsp-interest.html
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.jsp
http://www.jguru.com/faq/index.jsp
http://www.jspinsider.com
===
To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST.
For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST.
Some relevant FAQs on JSP/Servlets can be found at:
http://archives.java.sun.com/jsp-interest.html
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.jsp
http://www.jguru.com/faq/index.jsp
http://www.jspinsider.com
Paul Balanoiu
Bucharest, Romania
===
To unsubscribe: mailto [EMAIL PROTECTED] with body: signoff JSP-INTEREST.
For digest: mailto [EMAIL PROTECTED] with body: set JSP-INTEREST DIGEST.
Some relevant FAQs on JSP/Servlets can be found at:
http://archives.java.sun.com/jsp-interest.html
http://java.sun.com/products/jsp/faq.html
http://www.esperanto.org.nz/jsp/jspfaq.jsp
http://www.jguru.com/faq/index.jsp
http://www.jspinsider.com