If you use hash you do not need to store the "random" part into the db. Saves you some persistence trouble.
2008/5/19 Michael Allan <[EMAIL PROTECTED]>: > Sam Stainsby wrote: >> >> Martin Makundi wrote: >> > The benefit in digest is that the user (or another user) cannot >> > fabricate it... so easily. >> >> Just send a large random number ... no need for expensive hash >> operations. > > But use java.security.SecureRandom, not java.util.Random. > > -- > Michael Allan > > Toronto, 647-436-4521 > http://zelea.com/ > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
