Win a copy of Bad Programming Practices 101 (e-book) this week in the Beginning Java forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Login System Question (somewhat advanced?)  RSS feed

 
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I am a beginner in Java Web Application.

I am using JSP, Servlet, and Tomcat.

I made a login system using ajax. However I found out that the json/post message goes to the back end when people submit their username and passworod is exposed/unecrypted when analyzed via  Network Console (the stuff that tells you how many POST/GET requests you made)

So I realized that we need some kind of encryption, or security measures for this.

I am using bare tomcat/jsp/serlvet. Should I learn to use Spring or what are the list of things I need to do to secure this particular ajax communication.

I know I need SSL. But how do we ensure the ajax communication(POST) is secure in this case.

Thanks and love you all,
Eddy
 
Author and ninkuma
Marshal
Posts: 66727
167
IntelliJ IDE Java jQuery Mac Mac OS X
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You don't need Spring to start using SSL.
 
Eddy Haryanto
Greenhorn
Posts: 6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator

Bear Bibeault wrote:You don't need Spring to start using SSL.



Hi Bear,

Thank you, and I appreciate the reply.

Other than SSL, do we need something like JWT to futher secure login system.

Thanks,
Ed
 
author & internet detective
Marshal
Posts: 38367
645
Eclipse IDE Java VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
To get started, take a look at the Tomcat SSL page. Also, have you requested a SSL certificate yet?

Ajax doesn't do anything special to hide the password other than point to a valid https URL.
 
All of life is a contant education - Eleanor Roosevelt. Tiny ad:
Why should you try IntelliJ IDEA ?
https://coderanch.com/wiki/696337/IntelliJ-IDEA
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!