1 Reply Latest reply on Apr 1, 2004 2:00 PM by pearl81

Password Encryption

jkim9 Apr 1, 2004 11:30 AM

Currently, I am working on client authentication. Is there way to encrypt the password before sending it to the server. I am currently using JBoss 3.2.1 and also using callBackHandler to pass username and password to the JBoss server. The username and the password is still sending as clear text, and I am conern about the security vulnerability....any examples or documentation will be helpful if there is any.... thanks in advance.

1. Re: Password Encryption

pearl81 Apr 1, 2004 2:00 PM (in response to jkim9)

Use SSL. If this is an internal app, you can generate your own root CA, or public-private key combos, using keytool and/or openssl, if not you've to go for Verisign, Geotrust (some versions of JVM and browsers still don't honor this).
Actions