About Question enthuware.jwpv6.2.735 :
Moderator: admin
-
- Posts: 42
- Joined: Tue Feb 12, 2013 4:35 pm
- Contact:
About Question enthuware.jwpv6.2.735 :
Hi,
I guess there is a typo
Apply a filter to the servlet and pass a HttpServletResponseWrapper instead of the original HttpServletResponse to the servlet.
We don't pass HttpServletResponseWrapper to servlet, we wrap original HttpServletResponse and pass it to browser.
I guess there is a typo
Apply a filter to the servlet and pass a HttpServletResponseWrapper instead of the original HttpServletResponse to the servlet.
We don't pass HttpServletResponseWrapper to servlet, we wrap original HttpServletResponse and pass it to browser.
-
- Site Admin
- Posts: 10078
- Joined: Fri Sep 10, 2010 9:26 pm
- Contact:
Re: About Question enthuware.jwpv6.2.735 :
No, the given statement is correct. In the filter, we can wrap the original HttpServletRequest as well as HttpServletResponse object into a HttpServletRequestWrapper/HttpServletResponseWrapper objects and pass those to the target servlet.
Browser has no knowledge of these (or any of the Java classes). Browser only see the content that is generated by the servlet container using the HttpServletResponse object.
HTH,
Paul.
Browser has no knowledge of these (or any of the Java classes). Browser only see the content that is generated by the servlet container using the HttpServletResponse object.
HTH,
Paul.
If you like our products and services, please help us by posting your review here.
-
- Posts: 12
- Joined: Fri Aug 15, 2014 10:16 am
- Contact:
Re: About Question enthuware.jwpv6.2.735 :
I think explanation would be
"Apply a filter to the servlet and pass a HttpServletResponseWrapper instead of the original HttpServletResponse to the client."
client < filter < servlet
Within the filter we can encrypt and wrap the original response object and send to the client.
Correct me if i am wrong.
"Apply a filter to the servlet and pass a HttpServletResponseWrapper instead of the original HttpServletResponse to the client."
client < filter < servlet
Within the filter we can encrypt and wrap the original response object and send to the client.
Correct me if i am wrong.
-
- Site Admin
- Posts: 10078
- Joined: Fri Sep 10, 2010 9:26 pm
- Contact:
Re: About Question enthuware.jwpv6.2.735 :
No, a client doesn't receive HttpServletResponse or HttpServletResponseWrapper object. These objects exists on server side only.
If you like our products and services, please help us by posting your review here.
-
- Posts: 9
- Joined: Wed Jun 17, 2015 6:19 pm
- Contact:
Re: About Question enthuware.jwpv6.2.735 :
Why alternative 1 is wrong?
-
- Site Admin
- Posts: 10078
- Joined: Fri Sep 10, 2010 9:26 pm
- Contact:
Re: About Question enthuware.jwpv6.2.735 :
Alternative 1 is wrong because it does not specify that you have wrap HttpServletResponse into HttpServletResponseWrapper to the servlet. Without that you can't encrypt the response in the filter.
If you like our products and services, please help us by posting your review here.
-
- Posts: 358
- Joined: Fri Nov 29, 2013 8:26 pm
- Contact:
Re: About Question enthuware.jwpv6.2.735 :
Can the third option be correct?
My reason is we can encrypt the raw user input data (eg checking account number) in the request inside the doFilter method of a filter, use the request wrapper to decorate the request and pass it to the servlet. The servlet will decrypt the data (checking account number).
My reason is we can encrypt the raw user input data (eg checking account number) in the request inside the doFilter method of a filter, use the request wrapper to decorate the request and pass it to the servlet. The servlet will decrypt the data (checking account number).
-
- Site Admin
- Posts: 10078
- Joined: Fri Sep 10, 2010 9:26 pm
- Contact:
Re: About Question enthuware.jwpv6.2.735 :
No, the objective is to encrypt the data that is to be sent to the customer from the servlet to be encrypted.
If you like our products and services, please help us by posting your review here.
-
- Posts: 358
- Joined: Fri Nov 29, 2013 8:26 pm
- Contact:
Re: About Question enthuware.jwpv6.2.735 :
How to implement this?
Is it like the following pseudo code:
Is it like the following pseudo code:
Code: Select all
public class EncryptFilter implements Filter{
public void doFilter(ServletRequest request, ServletResponse response, FilterChain fc) throws
IOException, ServletException{
EncryptResponseWrapper rwrapper = new EncryptResponseWrapper(response);
//Suppose this is passed to the servlet to get the data that the browser queries for.
fc.doFilter(request, response);
//... do encryption for the response here
//assume there is a variable called encryptedData;
rwrapper.getWriter().println(encryptedData);
}
}
Code: Select all
public class EncryptResponseWrapper extends HttpServletResponseWrapper{
//override some HttpServletResponseWrapper methods
...
}
-
- Site Admin
- Posts: 10078
- Joined: Fri Sep 10, 2010 9:26 pm
- Contact:
Re: About Question enthuware.jwpv6.2.735 :
Yes, something like that.
-Paul.
-Paul.
If you like our products and services, please help us by posting your review here.
Who is online
Users browsing this forum: No registered users and 13 guests