One way encryption tools like MD5/SHA/etc does not necessarily generate unique strings. Two different strings can namely generate the same hash. That's after all also the whole idea behind one-way encryption: there's no (reliable) way to find out what the original string was.
Better make use of java.util.UUID
, if necessary in combination with a database PK or UK so that you can just generate a new one in case of an (unexpected) constraint violation.
Here's a basic example how to get such a random unique key:
String key = UUID.randomUUID().toString();
That said, JSP is a view technology. You aren't supposed to write raw Java code in JSP files. Use taglibs and EL in JSP only. With taglibs you can control the page flow and with EL you can access backend data. Keep raw Java code in Java classes like servlets, filters, beans, etc.
In this specific case, just have a JSP with a HTML form which submits to some (controller) servlet which in turn generates the key using java.util.UUID
, stores it in the DB using the JDBC API, sends an email using the JavaMail API and finally forwards the request to some result JSP.