dynamically pass parameter to applet

Question

I want to do the following things:

1. on web page A, user input the username and password then submit
2. after submit on A, redirect to page B, pass the log in info user/pass to B. The connection to B is SSL enabled
3. on web page B, there is an applet, B pass the username and password to the applet.

My questions are:

1. what is the simplest and most common way that A send the username and password to B
2. for B to pass those dynamic parameters to the applet, what should I do(I am thinking using java script, but I don't know how and is it good)?

I just want a simple and common solution, don't make it complicated.

Answer 1

As is usually the case with authenticated applications (i.e. passwords), keeping it simple usually leads to massive security holes. For starters you may have to use HMAC. Applet's typically can pick up parameters from say page B using parameter tags or in modern applets with jnlp. Once the user/pass reaches the server dynamically generate session keys for the applet and pass them to the applet code via the parameter mechanism i.e as tags in page B or parameters in the applet's jnlp.