Win a copy of Pipeline as Code this week in the Cloud/Virtualization forum!

sachin burange

Ranch Hand
+ Follow
since Jun 24, 2008
Cows and Likes
Cows
Total received
0
In last 30 days
0
Total given
0
Likes
Total received
0
Received in last 30 days
0
Total given
0
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by sachin burange


Thanks Amit for reply. I am using salt in little unconventional way. Here it is

There are two parties Party A and Party B.

Party A are the webservices itself.
Party B are the caller of webservices.

Both Parties are agreed upon on shared secret key.

Now when Party B calls the rest webservices it generates the salt and signature and send it across.
As soon as it reaches to party A, it gets the salt, use with secret key and generates the signature.

Now Party A matches generated signature with the signature it received from Party B. If that matches then it is valid request other wise it will deny the services.

Now my initial question was, dynamic salt and signature will be in HTTP body and services will be installed on https. Is this much security is OK, or we can enhance it and restrict the unwanted user by any other techniques ?


Best Regards,
sachin
6 years ago
Hi,

I have wrote couple of restful webservices. As part of security i have added SALT and signature param so that not anyone can access it.
These Services will be deployed under https. JSON request looks like below.

{
"instrumentName": "InName",
"instrumenGroup": "InstrynentGrooup",
"salt" : "KVq88mTrqjoYPiCVhfmh4Q==",
"signature" : "ZinT6BvBZvBCzBTKaCPG4l+L8FuB4U9/575aDXaZ9yA="

}

SALT and SIGNATURE will be unique on every request.

My question is will this much security is enough or malicious user can also grab salt and signature and hit other endpoints. If yes, then what should can be done further to enhance security for rest calls ?


Best Regards,
sachin
6 years ago
How to create different nodes in webshper 7.0 in an clustered environment on a single machine.
Step by step process is needed for clustering webshper 7.0.

Thanks
Sachin Burange
10 years ago
Hello guys,

come on.. Forgive SCJP.. those who wants to do it let them do it and those don't let them free.
Nothing will change in your life discussing it is good or not.

Keep rocking. cheers
Try adding getters and setters ij object.
and add AutoWire keyword in top of setter method.

10 years ago
In Eclipse go to Window->Show View->Error Log

I hope this helps.
If i am not wrong then it should be inside endorsed directory of JBOSS.
10 years ago
How to create ThreadPool and define the size of thread pool
I guess in your case just build the project again and refresh the project.
JBOSS should detect the class changes, just try with sys out first.
10 years ago
Hello Hem,

JBOSS does detect the changes. what you have to do is

1. put a class files or its jar file in WEB-INF folder of deployment directory.
2. Reload the context adding space in web.xml

Using these two steps you will able to see that application redeployment starting automatically.

10 years ago
Siva i guess request attribute normally comes from servlet to jsp.
We are trying here in reverse i.e from jsp to servlet.

anyone comments on this ?
10 years ago
JSP
Try to clean the project and build it again.
See the problem view of eclipse are their any problems
if not "R.java" should be automatically created.
10 years ago
Kevin,
Try to increase the memory allocation for simulator.
i.e increase avd space.
10 years ago
Try to Use Calendar methods:


public abstract boolean equals(Object obj)
public abstract boolean after(Object when)
public abstract boolean before(Object when)


10 years ago