Hello all,
I am wondering what the best method to encrypt url paramters is (example encrypting number identifiers when url rewriting).
Right now I am using this configuration in spring
<bean id="urlEncryptor" class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
<property name="password">
<value>greggreg</value>
</property>
<property name="algorithm">
<value>PBEWithMD5AndTripleDES</value>
</property>
</bean>
When I encrypt I often get http reserved signs (such as +, /, etc..), therefore I thought of using the URLCodec class in order to encode the encrypted data. This works most of the time except sometimes I get a org.jasypt.exceptions.EncryptionOperationNotPossibleException (I unenocde the data with URLCodec then try decrypt (often caused by a '+' sign in the encryptd data). I thought using the URLCodec class would fix all my problems but still get random EncryptionOperationNotPossibleException. Anyone have any experience with this? Should I use another encryptor, algorithm? Thanks
