Is there any way to encode the password to be send to CFC method so that I should be able to decode the same also in the CFC method.
I want to pass this password in encoded form.
Any one have any idea on this.
Your help is well appreciated.
Well, first of all, it would be best to wrap your entire path in a URLEncodedFormat(). This ensures that any special characters in either the hashed PW or the UN are URL-friendly.
What I would do is set a variable into your APPLICATION scope that is a seed. When you pass the password, use Encrypt on it with the seeded value. This way, when your CFC gets the request, it can use Decrypy, and has access to the seed value in the APPLICATION scope in order to determine the actual value passed by the user, and perform authentication at that point.
Thanks Aegis for your response...
Please correct me If I took it ,what you were trying to convince , in different sense.
I don't think you want to urlencode the entire path, only the variable values of username and password.
Security wise, you might want to put a little more thought into alternatives. Two issues that come up immediately in my mind:
That said, can this be tied to session security instead of URL query parameters?