Guest_imported
New member
- Jan 1, 1970
- 0
Dear Friends.......
I am working on a B2B Site where the Security is of Prime Importance, specially the Information entered by Bidder
should be highly secured. No one should be able to see it.. not even the Site Administrator.
The tools we are using is J2EE, WebLogic, oracle8i
Concern 1 :
-----------------
We have a form which is really long. The bidder has to fill about 30 Diff. Details for every Item and sometimes one Bid can have
more than 20 Items too. So U can imagine... how lengthy the form can be ! Whatever the Bidder fills on this page, should
get encrypted at the client side itself (We are planning to use an Applet to do that) ... and once everything is encrypted...
only then it should leave client machine. Un-Encrypted Data should never go to Server ! This is Client Requirement !!!
Since providing such a long form is not a good idea we thought of having a main page and some pop-ups ! ie on main
page there will be links like 'Add Details' etc... clicking on that will take the user to Pop-up where he can enter data.
just like 'Add/Edit Attachment' on yahoo mail Compose Screen ! But the concern here is... how do pass Data between
that pop-up and the main page without making a server Trip ? Coz... the moment we say server trip we are breaching
security coz... the client does not want 'Un-encrypted' data to go to server.
If we want to provide all items in one form... then we anticipate problem of Session Time out, since the form is really tooooo long !
Concern 2 :
-----------------
One alternate we could think is... Offline Entry utility ! ie where the form (As designed by the Buyer) should get downloaded
to Bidder's PC... where he can fill it on his PC leisurely... and once he is thru... he can Encrypt and upload..... so
those Encrypted Items will be stored into DB.
Could anyone pls help me on this ? Any suggestions ?
Rgds and Thanx
Prashant Kamath
I am working on a B2B Site where the Security is of Prime Importance, specially the Information entered by Bidder
should be highly secured. No one should be able to see it.. not even the Site Administrator.
The tools we are using is J2EE, WebLogic, oracle8i
Concern 1 :
-----------------
We have a form which is really long. The bidder has to fill about 30 Diff. Details for every Item and sometimes one Bid can have
more than 20 Items too. So U can imagine... how lengthy the form can be ! Whatever the Bidder fills on this page, should
get encrypted at the client side itself (We are planning to use an Applet to do that) ... and once everything is encrypted...
only then it should leave client machine. Un-Encrypted Data should never go to Server ! This is Client Requirement !!!
Since providing such a long form is not a good idea we thought of having a main page and some pop-ups ! ie on main
page there will be links like 'Add Details' etc... clicking on that will take the user to Pop-up where he can enter data.
just like 'Add/Edit Attachment' on yahoo mail Compose Screen ! But the concern here is... how do pass Data between
that pop-up and the main page without making a server Trip ? Coz... the moment we say server trip we are breaching
security coz... the client does not want 'Un-encrypted' data to go to server.
If we want to provide all items in one form... then we anticipate problem of Session Time out, since the form is really tooooo long !
Concern 2 :
-----------------
One alternate we could think is... Offline Entry utility ! ie where the form (As designed by the Buyer) should get downloaded
to Bidder's PC... where he can fill it on his PC leisurely... and once he is thru... he can Encrypt and upload..... so
those Encrypted Items will be stored into DB.
Could anyone pls help me on this ? Any suggestions ?
Rgds and Thanx
Prashant Kamath
![[pc2]](/data/assets/smilies/pc2.gif "[pc2] [pc2]")
![[thumbsup2]](/data/assets/smilies/thumbsup2.gif "[thumbsup2] [thumbsup2]")