|
Henrik Rützou <hr@...> writes:
Richard
if you control both the client and the server it is quite simple.
Lets say you have a URL like
http:// serverip/getinfo.pgm?userid=aaaaa&password=bbbbb&account=123456
you change the url to
http:// serverip/getinfo.pgm?userid=aaaaa&hash=
4625fd63b0e96fc0d656ae7381605e48d4a0f63a319fc743adf22688613883c7&account=123456
Everybody can do a HASH - but the HASH is 'salted'
The user id aaaaa has a 'salt'-value only the client and the server knows
so the input
to the HASH algoritm is
aaaaa123456salt
hi
thanks for you reply
as i have never used HASH .. could you please let me know how can i use it
?
)expecially in RPGLE .. where can i find some example.
Thanks in advance
--
This is the Web Enabling the IBM i (AS/400 and iSeries) (WEB400) mailing
list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/web400.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
