I have a Java object in which I have product information. This information I want to send to controller in URL using Get method. I want to send this object as encrypted string format.In the controller I want to decrypt information and get the values from the object. Or is there any other way to do so?
Related
Sorry, but I wanted to confirm if there was a way to do this without having to serialize to JSON, which is what I kept on reading online.
The problem that I am having is that I want to test with Postman my email service which has a Email dto of
{
String toEmail
String subjectLine
String content
List<File> attachments (Text files can be used for test if that helps)
}
Previously, before adding the list of files, I could use Postman to test with raw under the body tab of postman and sending in a json. However, I don't think I can add an object with that same method. When trying out form-data though, I am getting that the request entity is in a format not supported.
Currently, my service is only taking in a EmailDto as its resource.
Does anyone have suggestions or thoughts?
The structure of my app is:
in java get the data as a string (Successful)
Encrypt it with my encryption class. (Successful)
Store the Encrypted data to database server using Volley for future use. (Successful)
Get the Encrypted data from my database (Successful)
Retrieve data using Volley Response, in java, the value of the response has an additional "\n" and "" in it.
Encrypted Message: gDELc873OU8RxIt9P80xVw==
Response Volley: "gDELc873OU8RxIt9P80xVw==\n"
What i need is to get the exact encrypted value so that i can decrypt in java.
Any workaround might help? Thanks in advance.
I finally found the answer:
encryptedVolley = "gDELc873OU8RxIt9P80xVw==\n"
encryptedVolley.substring(1,str.length()-3);
HelloI've built an Android application that uses PubNub to create a chat channel between each user. I would like to be able to identify which users have sent which messages. Currently the login of my app is handled by Parse so each user has a unique username. I found some documentation and example code where rather than sending just the message string, an object was set up that contained the UUID and message string as two different objects that could then be extracted on the subscribe side but from what I could tell this was only in the PubNub javascript code not the Java code for Android.Right now i'm thinking that the only way for me to do this is to attach the UUID/username to the beginning of my message string with a special character to seperate the UUID and the message and then split it up and read it in on the subscribe side. For example String message = "uuidhere_messagehere";. Is this the correct way to approach this or is there a better, more convenient way of doing this?thanks
Correct - PubNub does not inject anything into your messages so you will need to include the sender id within each message that is published. Here's is a simple example of a JSON message you might publish:
{'sender_id':'user_333', 'msg':'this is my msg to you-hoo-hoo'}
Of course, the JSON message can have any key/value pairs you require.
I have been working on an android application project that uses HTTP Get to send and receive data from MySQL through a PHP file using JSON from Java.
I have lately been running into some issues in theory behind best practices using HTTP Transport and passing Parameters via a URL.
First Question:
How should I be passing my data to my PHP Webservices ?
Currently I am just passing the data through single parameters using key value pairs like so:
myurl.com/retrieveinfo.php?user_id=453&password=sha1-hash-value
Should I be moving this type of request to append a JSON object onto the URL instead? like so:
myurl.com/retrieveinfo.php?{\"users\":{\"username\":\"User1Name\" ,\"user_id\":453 , \"password\":\"sha1-hash-value\"}}
Second Question:
*How should I be handling the JSON Response from the Server ? Do I need to push this work off to a handler and make sure the UI Thread is not the one doing this work? *
Currently I am just parsing the JSON using separate methods for each Object Type such as
User.Class
private void parseUserInfo(JSONObject response){
// Do all my Parsing for a User Object
try{
JSONArray users = response.getJSONArray("users");
JSONObject user = users.getJSONObject(0);
// Get the User info etc...
}catch(JSONException ex){
ex.printStackTrace();
}
}
Notes.Class
private void parseNotes(JSONObject response){
// Do all my Parsing for a Note Object
try{
JSONArray notes = response.getJSONArray("notes");
for (int index = 0; index < notes.length() ; index++)
{
JSONObject note = notes.getJSONObject(index);
// Get all the note info etc...
}
}catch(JSONException ex){
ex.printStackTrace();
}
}
Third Question:
I would like my PHP server files to only work for my Application. So what is the best way to secure my PHP files on my server so a request to my files wont go through if its run in a browser ?
Should I be sending some temp key that only my application knows about ?
Thanks
First Question:
You don't really want to put a JSON object on the url as a query parameter. The real two debates that I see is that you either 1) use the key value pairs you were using, or 2) make this a POST and send the JSON as a payload.
Since you are not planning on exposing the API to anyone, I don't really find it important for you to follow standard nomenclatures. Do whatever you want to do. However, from a REST standpoint, anything that retrieves info should be a GET call, and the data should be key-value pairs on the query string. However, it looks like you are passing in a username and password (ok, the sha of the pass). It is considered best practice to always pass user info as the payload. So almost all login type protocols use a POST for user data. User-id's or session id's are common in the query string but usernames and passwords should almost always be in a payload.
Note: sometimes in TLS (SSL) it is considered ok to include these things in the query string.
Second Question:
Honestly, I would just use Jackson. https://github.com/FasterXML/jackson
But otherwise, it is normal to have a seperate layer for parsing. In otherwords, one class handles all the parsing. You do not want to put this code inside your models if you can avoid it. The new layer would handle parsing and would pass the Java Model objects down to the next layer.
Third Question:
The easiest way to do this would simply be to check the user-agent header on the request. Make sure that the user-agent is your application, and not a browser.
However, it would still be possible for people to "spoof" this. Using a temp key wouldn't really help either, because once people sniff the traffic they can figure out the temp key.
The standard thing here is to do some type of session based key, where the application sends some type of MAC in order to prove it is a valid client.
You could also consider using OAUTH2 to protect your api's.
I had created a web service where it receives the data and store it in database. For confirmation of storage to user i had shown the stored data as response in the same page as (where web service is processing) JSON output.
Now i have a doubt , Do the response can be redirected to the request page.
For your better understanding,
A user uploading the data from a html file (upload.html).
Now the web service will store the data in database (upload.java) and shows output as JSON in same page (current am using this way)
Can i take the response JSON output back to the html (upload.html) and show the JSON output
Is this way possible.
You are posting/sending data of user to server and then again you want to redirect response to the user. Why?
When user submits the data you already have it. So just format it and show appropriate message to the user. Showing message after redirection doesn't add any value unless you want to show some message which is coming from server.
Edit
Web service tutorial
Check service code in above link; it returns String. Similarly you need to modify your service to return appropriate object.
public String hello(#WebParam(name = "name") String txt) {
return "Hello " + txt + " !";
}