Just checked in the code for HMAC signatures on form data (or any other serialized object data on the client, such as the "client" persistent field strategy).
Basically, form t:formdata fields are now prefixed with the HMAC code; on submission, Tapestry can verify that the HMAC code matches the binary stream encoded as Base64 to ensure that the data has not been tampered with. Users will want to configure their private pass phrase using a newly defined symbol. If left unconfigured, there will be a runtime error logged (not an exception, just an error to encourage users to select a private pass phrase). Very pleased with the result, though I don't know if it will affect performance in any great way. Fortunately, it is based on symmetric (private) keys, which are relatively cheap (public key encryption is very expensive, such that in normal usage, the public key is used to encode a randomly chosen symmetric key, and the message payload is encrypted with the symmetric key; encoding an entire message with the public key would be prohibitively expensive). Currently, it is hard coded to use HmacSHA1 as the signing algorithm; I flirted with making this configurable as well, but decided to wait and see if that is necessary. -- Howard M. Lewis Ship Creator of Apache Tapestry The source for Tapestry training, mentoring and support. Contact me to learn how I can get you up and productive in Tapestry fast! (971) 678-5210 http://howardlewisship.com --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
