[jira] [Updated] (ISIS-1048) Make view model URLs more secure, eg through a private key.

Dan Haywood (JIRA) Fri, 13 Nov 2015 05:53:40 -0800

     [ 
https://issues.apache.org/jira/browse/ISIS-1048?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Dan Haywood updated ISIS-1048:
------------------------------
    Fix Version/s:     (was: 1.12.0)
                   1.11.0

> Make view model URLs more secure, eg through a private key.
> -----------------------------------------------------------
>
>                 Key: ISIS-1048
>                 URL: https://issues.apache.org/jira/browse/ISIS-1048
>             Project: Isis
>          Issue Type: Improvement
>          Components: Core
>    Affects Versions: core-1.7.0
>            Reporter: Dan Haywood
>            Assignee: Dan Haywood
>            Priority: Minor
>             Fix For: 1.11.0
>
>
> At the moment it is possible to reverse engineer a view model URL, or perhaps 
> to steal it.  
> It ought to be encrypted somehow, eg using HMAC.
> http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/AuthJavaSampleHMACSignature.html
> http://www.smartjava.org/content/protect-rest-service-using-hmac-play-20



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (ISIS-1048) Make view model URLs more secure, eg through a private key.

Reply via email to