How to force HTTPS use in a Java Web Application

If you want to force the users to always use https:// even if they typed in http:// url, Applying Security Constraint in Web.xml can help.

      <security-constraint>
          <display-name>HTTPS-redirect</display-name>
          <web-resource-collection>
              <web-resource-name>secured-environments</web-resource-name>
              <description>Do HTTPS redirect so that the connection is secured</description>
              <url-pattern>/*</url-pattern>
          </web-resource-collection>
          <user-data-constraint>
              <transport-guarantee>CONFIDENTIAL</transport-guarantee>
          </user-data-constraint>
      </security-constraint>

The above constraint re-directs the user to https URL.

Java Implementation – ROT-13 Encoding Algorithm

ROT-13 is the simplest of all encoding algorithms. The idea is simple, rotate the characters by 13. If you assume characters A-Z (or a-z) to be in a circle, for any characters, go to 13 characters ahead in the circle and replace it with that character.

The following diagram taken from Wikipedia (under wikipedia commons license), demonstrates the character substitution fact clearly.

Interestingly, if you encode a plain text, to decode it, you need to re-encode it.

That means for a character ABC, encode (encode( ABC)) is ABC

The following is the Java Implementation of ROT-13 Algorithm. Since having only A-Z or a-z characters may not suffice, I have added a condition where other characters will remain the same.

/**
 * @author Kushal Paudyal
 * www.sanjaal.com/java
 * Last Modified on 5th September 2008
 */
package com.kushal.utilities;
/**Java Implementation of ROT-13 Encoding algorithm**/
public class Rot13Encryption {

	public static void main(String args[]) {
		//Original Text
		String plainText=&quot;Sanjaal.Com&quot;;
		//Let's Encode It
		String encodedText=rot13Encode(plainText);
		//Then Decide It
		String decodedText=rot13Encode(encodedText);

		System.out.println(&quot;Original Text: tt&quot;+plainText);
		System.out.println(&quot;After ROT-13 Encoding: t&quot;+encodedText);
		System.out.println(&quot;After ROT-13 Decoding: t&quot;+decodedText);
	}

	/**
	 * @param textToEncode
	 * @return encoded (or decoded)text.
	 * Note: if you encode a text, and encode the result again,
	 * you will get the original text.
	 */
	public static String rot13Encode(String textToEncode) {
		String encodedText = &quot;&quot;;
		int textLength = textToEncode.length();

		for (int i = 0; i &amp;lt; textLength; i++) {
			char currentChar = textToEncode.charAt(i);
			if ((currentChar &amp;gt;= 65 &amp;amp;&amp;amp; currentChar &amp;lt;= 77)
					|| (currentChar &amp;gt;= 97 &amp;amp;&amp;amp; currentChar &amp;lt;= 109)) {
				encodedText += (char) (currentChar + 13);
			} else if ((currentChar &amp;gt;= 78 &amp;amp;&amp;amp; currentChar &amp;lt;= 90)
					|| (currentChar &amp;gt;= 110 &amp;amp;&amp;amp; currentChar &amp;lt;= 122)) {
				encodedText += (char) (currentChar - 13);
			} else {
				encodedText += currentChar;
			}
		}
		return encodedText;
	}

}


—————————————-
Here is the sample output:
—————————————-

Original Text:                     Sanjaal.Com
After ROT-13 Encoding:     Fnawnny.Pbz
After ROT-13 Decoding:     Sanjaal.Com