hi , actully i have read filters in servlet.
but i didnt understand , the actual working of filters ( in practicle environment).
i want to know that , when i am sending request to server and i am using filter before request went to server. so that process is happening on server side or client side ?

and i want to send password in encrypted format from html page to servlet how to do this ?
please if any one have any idea please response ( Atleast tell the process how to proceed).

Servlet filters always run on the server.
They can provide services that have to run before the web application processes the request, like authentication.
A filter can intercept the requests, look up credentials and permissions, and deny the request (with an error message) if the request is issued by someone who's not allowed to do so.

hi , actully i have read filters in servlet.
but i didnt understand , the actual working of filters ( in practicle environment).
i want to know that , when i am sending request to server and i am using filter before request went to server. so that process is happening on server side or client side ?

and i want to send password in encrypted format from html page to servlet how to do this ?
please if any one have any idea please response ( Atleast tell the process how to proceed).

filter always run in server env.

here's the way to send your encrypted password to server
1. add one hidden field in your login form i.e with name hashed_pass, and assume your password filed named pass
2. add onSubmit action in your form which will do these:
- hash your inputted plain password (try lo look some md5 hash javascript, there's a lot out of there)
- change you hashed_pass field value to hashed value of your inputted password
- set your password field to empty since you don't want plain value of your password is submitted
- submit the form
- authenticate using the hashed password
3. done

it may like these, except i don't provide the md5 javascript code, and assume the method to perform md5 hash is md5()

function hashOnSubmit(theForm) {
   var passwd_field = theForm.pass;
   var hashedpasswd_field = theForm.hashed_pass;
   var hashed = md5(passwd_field.value);
   hashedpasswd_field.value = hashed;
   passwd_field.value = "";
   theForm.submit();
}

and in the html, form part:

<form name="login_form" action="bla_bla" method="post" onSubmit="hashOnSubmit(this);">
....//the fileds here
</form>

hope will help.

regards,

> here's the way to send your encrypted password to server [ snip ]

Which of course fails if Javascript is disabled on the clients' computer. And of course, using a Javascript equivalent of the hashing algorithm exposes your entire hashing logic. A better way would be to use a secure connection to send/receive critical user information like https.

This article has been dead for over six months. Start a new discussion instead.