You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@isis.apache.org by "Dan Haywood (JIRA)" <ji...@apache.org> on 2015/02/19 14:56:11 UTC
[jira] [Created] (ISIS-1048) Make view model URLs more secure, eg
through a private key.
Dan Haywood created ISIS-1048:
---------------------------------
Summary: Make view model URLs more secure, eg through a private key.
Key: ISIS-1048
URL: https://issues.apache.org/jira/browse/ISIS-1048
Project: Isis
Issue Type: Improvement
Components: Core
Affects Versions: core-1.7.0
Reporter: Dan Haywood
Assignee: Dan Haywood
Priority: Minor
Fix For: core-1.9.0
At the moment it is possible to reverse engineer a view model URL, or perhaps to steal it.
It ought to be encrypted somehow, eg using HMAC.
http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/AuthJavaSampleHMACSignature.html
http://www.smartjava.org/content/protect-rest-service-using-hmac-play-20
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)