Shoot out your problems...
Lets share and expand the knowledge.....!!!!


We are open to share on(any IT related stuffs) :

- Javascript/JQuery/Ajax
- Java,JSP,Servlets and Frameworks
- WebServices
- Unix, Linux, Webserver Administration


+ many more !!!!

framework used: Struts and Hibernate
database : oracle 10

how can I hash the password before I store it in db?

hash a password??
Can you explain more clearly ??

I mean I dont want to store password directly to database, but want to store hash or one way encrypted value in database.

// sample code--//copy paste these two class to see how it works

import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import sun.misc.BASE64Encoder;
 
public class EncyptionTest {
    public static synchronized String encrypt(String txt_to_excrypt, String algorithm_used_for_encryption) throws Exception {
        MessageDigest msgDigest = null;
        String hashValue = null;
        try {
            msgDigest = MessageDigest.getInstance(algorithm_used_for_encryption);
            msgDigest.update(txt_to_excrypt.getBytes("UTF-8"));
            byte rawByte[] = msgDigest.digest();
            hashValue = (new BASE64Encoder()).encode(rawByte);
        } catch (NoSuchAlgorithmException e) {
            System.out.println("No Such Algorithm Exists");
        }
        return hashValue;
    }
}

// test the above class

public class TestEncryption {
  public static void main(String[]args){
      try {
            String encryptedPassword = new EncyptionTest().encrypt("password", "SHA"); //using SHA algo
            String encryptedPassword1 = new EncyptionTest().encrypt("password", "MD5");//using MD5
            System.out.println("Encrypted Password:\t"+encryptedPassword);
            System.out.println("Encrypted Password-MD5:\t"+encryptedPassword1);

        } catch (Exception ex) {
        }
}}

//output
Encrypted Password:        W6ph5Mm5Pz8GgiULbPgzG37mj9g=
Encrypted Password-MD5:        X03MO1qnZdYdgyfeuILPmQ==

/*    while using struts *****************************/
- create a seperate java class for encryption like i did
- create a instance of that class in action class
- pass the received password from form bean to encrypt method like above and get the result in some variable
- store that variable in database ....will be saved as encrypted password

thx,
was looking for this :)

NP. Keep posting ....

Oracle just realased most Sophisticated High Availability (HA) weblogic tools called WebCenter Suite.

It is just an Oracle Fusion Middleware and a mix of existing Oracle software along with the various products from BEA.

thanks

if you want to code, you can go with Ayus, also heard MD5 is not that good for password protection, try using sha digests.
I found some inbuilt functionality with mysql (always easier and less error prone to use inbuilt api)
src:http://mysqldatabaseadministration.blogspot.com/2006/08/storing-passwords-in-mysql.html

You can apply SHA1 algorithm to a password string:

mysql>  SELECT SHA1('mysecretpassword');
+------------------------------------------+
| SHA1('mysecretpassword')                 |
+------------------------------------------+
| 08cd923367890009657eab812753379bdb321eeb |
+------------------------------------------+
1 row in set (0.00 sec)

Since SHA is an alias for SHA1, it produces the same result

mysql>  SELECT SHA('mysecretpassword');
+------------------------------------------+
| SHA('mysecretpassword')                  |
+------------------------------------------+
| 08cd923367890009657eab812753379bdb321eeb |
+------------------------------------------+
1 row in set (0.00 sec)

To store passwords encrypted with SHA1, we need to be able to store 40 characters.

mysql> SELECT CHARACTER_LENGTH(SHA1('mysecretpasswordsssssss'));
+---------------------------------------------------+
| CHARACTER_LENGTH(SHA1('mysecretpassword')) |
+---------------------------------------------------+
|                                                40 |
+---------------------------------------------------+
1 row in set (0.00 sec)

On the other hand, to store passwords encrypted with MD5, we need the column to be able to hold 32 characters.

mysql>  SELECT MD5('secretpassword');
+----------------------------------+
| MD5('secretpassword')            |
+----------------------------------+
| 2034f6e32958647fdff75d265b455ebf |
+----------------------------------+
1 row in set (0.00 sec)

mysql>  SELECT CHARACTER_LENGTH(MD5('secretpassword'));
+-----------------------------------------+
| CHARACTER_LENGTH(MD5('secretpassword')) |
+-----------------------------------------+
|                                      32 |
+-----------------------------------------+
1 row in set (0.00 sec)


Didnt find much on oracle except for following 
http://psoug.org/reference/dbms_crypto.html

Good luck

Simple WebSerice tutorial on Netbeans:

https://www.youtube.com/watch?v=HSajTWlDnhk

JSTL TUTORIAL:

http://www.herongyang.com/jsp/jstl.html

Nice tutorial on JSF is available on coreservlet.com . just google jsf tutorial and search for coreservlet. Tutorials are available in pdf format . No prior experience required. Nice one

Real Time Development [ basic things to know ]

- setting up exisitng project in your IDE  - very important
- build tool (preferably Ant) - - will be used extensively
- logging framework (log4j) --- will be used extensively
- creating and reading logs -- will be used extensively
- ability to dig code - very important to get the flow as codes will be pretty much spread out
- version control [atleast checkin/checkout] -- very important as you might have to do check out the project  you would be working on.
- basic knowledge of webserver -- for deploying / restarting

I think , we cann add
knowledge on  some kind of testing like Unit Testing and
basics of SDLC

pretty much !! Unit testing on your system is very important too but unit testing doesnt need to use JUnit.
If Junit can be used, awesome.
Java classes can be tested by creating object of the classes and calling related methods.
On Client side,  i have seen everyone using IE7.

I was trying to learn tiles in struts1.3. I have used client side validations too.
When client side validation fails, the page is returned as independent page ( ignores the layout of tiles). With no client side validation, it works fine.
Any suggestion on how to fix that?

I would prefer to display the validation error on the same page rather than displaying on another page.
If you want to display error on different page, then you have make that page extend to baselayout.

Follow the link,
http://vaannila.com/struts/struts-example/struts-tiles-example-1.html

but i prefer displaying error on the same page itself.

Thanks for the immediate response. I displayed the error on same page, but coz of tiles, during display time, it didnot maintain the layout.
Just figured it, now feeling like a dumb

Ayus, Do you have any information on free subversion that supports struts/hibernate?

are u using submit type in button?
i assume it displays the error msg first and goes to another page.

- remove ur seperate page tat u r currently using for error msg.
- chk the flow after u clik on submit button...
   it shd go thru ur validation and if validation fails it shd return false....& stay on same page

- if possible,use javascript for form submission....

Subversion is a open source and free.
Download server and client(TortoiseSVN) and you can play in you local. I guess version contols have nothing to do with any frameworks.