[Esapi-user] ESAPI deprecated decrypt vs the new decrypt - getting a String to a CipherText

Jörg Liedl joerg.liedl at student.htw-berlin.de
Fri Mar 23 21:21:25 UTC 2012


Hi,

i have a small problem:

when a user registers, i send him a email with a link to click

it looks like:
https://domain.com/setactive.html?code=wmXgBIGwSwNrBIdSdt%2FmOcf%2Be6g3GpMg0QGMkmWWw9BmWfGWaToRqN2X0Ip1PKl5%2Bd%2F5griuEn3maAu7p8Fvtg%3D%3D

The stuff at the end ist done by:

             CipherText cipherText = ESAPI.encryptor().encrypt(new 
PlainText(email));
             String ct = 
ESAPI.encoder().encodeForURL(cipherText.getEncodedIVCipherText());

So, of course if i klick the link, i have in my controller, not a 
ciphertext, but only a String...

Is there any possibility to transform a String to a CipherText?

Can't find a good way to do it...

Thanks

Jörg


More information about the Esapi-user mailing list