O
oliviergir
Hi,
I have an applet that needs to submit some data to the server via an
http GET request onto the server (an aspx page written in C#).
The url called by the applet is going to be visible by the user but I
need to make it impossible for the user to call that page again later
with fake data (unless he decompiles the applet code..) .
What i plan to do but i am not sure at all :
I suppose that I need a secret (a private key) that will be shared by
the applet and the server code.
A unique id (ex: System.currentMillis() +ip ?) generated by the
applet , encrypted with the private key and send as a parameter "uid"
to the server.
On server side, if same uid is receive twice, request is refused.
If not, I need to make sure that uid was properly "signed" with the
private key?
what do you think of that method ?
could give me sample code to achieve that ?
I have an applet that needs to submit some data to the server via an
http GET request onto the server (an aspx page written in C#).
The url called by the applet is going to be visible by the user but I
need to make it impossible for the user to call that page again later
with fake data (unless he decompiles the applet code..) .
What i plan to do but i am not sure at all :
I suppose that I need a secret (a private key) that will be shared by
the applet and the server code.
A unique id (ex: System.currentMillis() +ip ?) generated by the
applet , encrypted with the private key and send as a parameter "uid"
to the server.
On server side, if same uid is receive twice, request is refused.
If not, I need to make sure that uid was properly "signed" with the
private key?
what do you think of that method ?
could give me sample code to achieve that ?