Re: Making individual objects bookmarkable
Re: Making individual objects bookmarkable
- Subject: Re: Making individual objects bookmarkable
- From: Jacob Mouka <email@hidden>
- Date: Mon, 6 Aug 2007 23:48:09 -0400
I second the use of SHA (or similar) to do this. It's very easy to
use as it's part of java, and quite secure.
http://java.sun.com/j2se/1.5.0/docs/api/java/security/MessageDigest.html
Although, for your purposes it's good enough to generate a random
long string and store it in the db along with a foreign key to your
object. The SHA is more useful where the form values are generated by
the client and you need to verify their authenticity, but your urls
are completely in your control so random strings are fine.
Jacob
On 6-Aug-07, at 8:10 AM, Q wrote:
On 06/08/2007, at 8:08 PM, Ray Ackland wrote:
I am about to start creating a WO application that will mainly be
used internally, but will let external people update their own
details.
To do this, a url would be emailed out to the people in question,
and clicking on the link will take them to their details.
I expect that direct actions will play a main role here, but my
problems is creating the url string that is unique for each
person, difficult to guess a valid one, and reversible.
One option is to generate a large random seed value (you can use a
UUID generator for this) and SHA or MD5 hash the result and then
check that it doesn't already exist. It doesn't need to be reversible.
I have had a look at hashCode(), but I would need to combine
several to increase the length (and hence number of possible
values) and it would need to be reversible in order to take the
string and turn it back into the record.
On that point, I suppose it is just a case of storing the hashed
code in the user record and basing the object fetch on that.
Yep, no need to reverse the code, or expose a primary key, just
look for the record that has the matching hash value. Just remember
to index the hashcode column in your database.
So now that I think I've figured it out, can someone suggest a
better way that I'm overlooking and may already be available?
Ray.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
40gmail.com
This email sent to email@hidden
--
Seeya...Q
Quinton Dolan - email@hidden
Gold Coast, QLD, Australia (GMT+10)
Ph: +61 419 729 806
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
40gmail.com
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden