I have Web Application A on Server A that links to Web Application B on Server B. I'm linking to a form that I want to pre-populate with data from Web Application A. So:
Web App A --Links to form and sends data for pre-population--> Web App B
Since they're on seperate servers I importunately can't just plop something into Session, so I'm going to have to be a little more creative. I'm considering a few different options and I'm looking for the simplest of those solutions. Any suggestions?
Here's a few options I'm considering:
Any thoughts? Or is there a better solution that I don't have listed?
在我看来,GET参数是最简单的方法,我认为没有重要的安全隐患。
You should assume anything that web app A puts in the redirect can be read/stolen/modified/spoofed before it gets to web app B (unless you are using SSL on both app A and B). If this isn't a problem then putting the params on the redirect URL should do you fine.
A secure way would be for app A to generate a unique ID (non guessable and short lived) and to store the info against this ID. The ID is passed with the request to app B. Server B then accesses the data from server A using the ID in a private secure way, for example be calling a web service on server A that is not publically accessible.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.