You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@isis.apache.org by "Dan Haywood (JIRA)" <ji...@apache.org> on 2016/03/17 10:03:33 UTC
[jira] [Resolved] (ISIS-1048) Make view model URLs more secure, eg
through a private key.
[ https://issues.apache.org/jira/browse/ISIS-1048?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dan Haywood resolved ISIS-1048.
-------------------------------
Resolution: Duplicate
This is supported via the pluggable UrlEncodingService, introduced in Isis 1.11.0
> Make view model URLs more secure, eg through a private key.
> -----------------------------------------------------------
>
> Key: ISIS-1048
> URL: https://issues.apache.org/jira/browse/ISIS-1048
> Project: Isis
> Issue Type: Improvement
> Components: Core
> Affects Versions: core-1.7.0
> Reporter: Dan Haywood
> Assignee: Dan Haywood
> Priority: Minor
> Fix For: 1.12.0
>
>
> At the moment it is possible to reverse engineer a view model URL, or perhaps to steal it.
> It ought to be encrypted somehow, eg using HMAC.
> http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/AuthJavaSampleHMACSignature.html
> http://www.smartjava.org/content/protect-rest-service-using-hmac-play-20
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)