From: Doug Johnston
> I was wondering what the most secure way to log people in was, without
> using SSL.
[snip]
> Username = req.getParameter("username");
> Password = req.getParameter("password");
This is completely and totally insecure. You are passing the username
and password across the network as plaintext.
This subject has been well covered. Get a good book on servlets
(I happen to like Jason Hunter's "Java Servlet Programming" book)
or hit any of the many articles on the web.
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
