1 Reply Latest reply on Apr 1, 2004 2:00 PM by jboss fan

    Password Encryption

    jkim9 Newbie

      Currently, I am working on client authentication. Is there way to encrypt the password before sending it to the server. I am currently using JBoss 3.2.1 and also using callBackHandler to pass username and password to the JBoss server. The username and the password is still sending as clear text, and I am conern about the security vulnerability....any examples or documentation will be helpful if there is any.... thanks in advance.

        • 1. Re: Password Encryption
          jboss fan Newbie

          Use SSL. If this is an internal app, you can generate your own root CA, or public-private key combos, using keytool and/or openssl, if not you've to go for Verisign, Geotrust (some versions of JVM and browsers still don't honor this).