Hash strategy
page. After successful decryption, the next step is to decompress the parameter values and create a new ,SWDWH object from the obtained bytes. Here, after getting the ,SWDWH object, HDIV will now check each of the parameters and the values contained in them. Validation on relative values is also done. If the request is correct, it is redirected to the Struts controller to generate the corresponding page. Otherwise, if a security error is detected, the user is redirected to an error page and the incident is logged. All the above steps can be seen in Figure 1. 8QOLNH WhH FLShHr VWrDWHJy, WhH hDVh VWrDWHJy oQOy guarantees integrity of data and not confidentiality. The main difference between these is that instead of creating a cipher, a hash is created of the , SWDWH, which is stored in the user session at the server end. The steps followed in the hash strategy are as follows: HDIV collects all request data and generates an Rrg. hGiv.VWDWH.,SWDWH oEMHFW, HQFoGHV LW LQ BDVH64, DQG VHQGV LW Wo WhH FOLHQW LQ D hLGGHQ IorP fiHOG or OLQN SDrDPHWHr, _HDIV_ STAT(. A hash of the ,SWDWH value is also created and stored in the user session at the server side. Now, while validating the request, HDIV computes a hash of the _HD,V_STAT( value, and compares it with the hash value stored in the user session. If the hashes match, it is redirected to the Struts controller to generate the corresponding page, otherwise, to an error page. For a pictorial representation of these steps, see Figure O.