Originally posted by aymane chetibi:
It's not even the password.
Iam encoding the "Username".
to send a url like http://host/webapps/myApp/activateAccount?user="toto"&signature="signature generated from toto"
can you please explain to me how can I use both md5 and base64 encoding to do this simple thing ?
Thank you so much....
Okay, I see...
First, the signature is something like this...
You still have to write both the methods to encode the md5 and base64. Noticed that the purpose of the base64 is so that you can have a string to add to a URL. If someone decodes it, all they get is the md5 hash -- and not the name.
Now how do you confirm this, when the user clicks it? Like this...
Notice that the signature is generated again -- as it is not possible to get the original name from the signature.
Henry