struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jacob Hookom" <>
Subject [OT] Request Certificates/Security
Date Fri, 06 Sep 2002 18:54:33 GMT
I know I beat security like a dead horse, but....

If my app generates a menu specific to the user, i.e., a project list
that they belong to, then instead of creating a link to the, do you think it would be secure enough if I passed a
huge "certificate" instead that had an hour time limit on it?  The link
would instead be:

(Where the project uid is hashed with a timestamp and their role as the

I know some developers use it when they are securing sites that span
multiple servers, but for this, it would prevent redundant db access at

Does anyone else use this method?

Jacob Hookom 
Comprehensive Computer Science 
University of Wisconsin, Eau Claire 

Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (
Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message