how to encrypt/encode url parameters in jsp

Question

I want to encrypt a URL variable so that the user can\'t see or modify the information when it is passed in jsp.

This is an example URL:

localhost/somew         


        

Answer 1

Your question became solvable the moment we knew that you are 'sending this url as attachment in email... when receiver click on this link their payslip is confirmed'

That means there are 3 options: encrypting, hashing and using random string(s).

In this case I recommend the random strings (or hashing) instead of encrypting. The reason is 2-fold:

• You are not sending out potentially private data (for google gmail to read, for example)
• random string(s) (or hashing) is simpler, shorter and safer (for this case).

Assuming you have a database containing your user-data, then you'd generate a unique random string (or hash) for that specific user/transaction. Then you store this data (you could hash it again internally) together with or linked to your user-data.

Now you only send out the link with the random string(s)/hash that is uniquely linked to the user-data.

Have a look on SO for https://stackoverflow.com/search?q=[jsp]+hash
and please, for the love of [enter deity here], be sure you read Wikipedia about 'salt' etc.!!
You do not want to make mistakes with user-payments!

Now, make a choice, set it up and return with questions should you get stuck!

EDIT:
In fact.. instead of hashing, a completely 'random' (fixed length) unique string(s) is sufficient! Better yet: or two random strings, for a two-factor check: one string for identification, one for authentication.