Amit,

If you need advice with simpatica don't worry to ask. I never had time to write some documentation so you have to look at the code and/or ask...

mic

On Wednesday, 25 July 2012 05:14:52 UTC+2, Amit wrote:
>
> Thanks Michele and Derek. Nice post, I am looking for exactly the same :)
>
> On Wed, Jul 25, 2012 at 4:09 AM, Michele Comitini <[email protected]> wrote:
>
>> This is very similar to what TLS accomplishes with x509 certificates.
>> There is a slight difference: the server does not own a public key for
>> each client; it verifies that the client owns an x509 certificate signed
>> by the correct certification authority. So no need to store public keys.
>> In any case, AFAIK in public/private key algorithms the private key always
>> allows generation of the corresponding public key, not the contrary of
>> course.
>>
>> To accomplish what you need in the simplest way you have to:
>>
>> - create a certification authority with a self-signed certificate
>> - create a certificate for your webserver signed with the private key of the
>>   certification authority above.
>> - configure your webserver to require a client certificate (with rocket
>>   look at the --ca-cert option)
>> - In case you need to know some info about the connecting client as
>>   reported in its certificate, you can use x509_auth.py to use x509
>>   authentication and configure your REST action with @auth.requires_login().
>>   This will give you access to information contained in the certificate
>>   such as common name or serial id. To customize you can extend the X509_Auth
>>   class.
>>
>> To generate test certificates fast you can use simpatica, as Derek
>> correctly suggests.
>>
>> mic
>>
>> On Tuesday, 24 July 2012 10:33:48 UTC+2, Amit wrote:
>>
>>> Hi,
>>> I have to provide public/private key authentication for accessing a web
>>> service (REST) from a client in my web2py application. How to achieve it?
>>>
>>> Scenario:
>>> 1. Each client will have a unique private key which will be sent to the
>>> server along with the request.
>>> 2. Server has to authenticate the private key using the public key (unique for
>>> each client) and then allow access to the web service method. For e.g.
>>> suppose one client, say X, has requested the web service "add()", so the server
>>> has to first validate the public key with the client's private key and if
>>> validation is successful then allow access to the web service "add()".
>>>
>>> Challenges:
>>> Where to store the public key of each client? We can't store it in the db
>>> because the server can't access the db before validation of the web service method. So
>>> will it be stored somewhere on the PC (where the server is running)? If yes, then how
>>> and in which format?
>>>
>>> NOTE: Here the server will be completely written in web2py and the client is a
>>> separate application running on the hardware device.
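The certificate steps listed in the quoted reply, as an added example that is not part of the thread: it uses the `openssl` command line instead of simpatica, and every name in it (`demo-ca`, `device-001`, `device-002`, the file names) is constructed. It also shows why the server needs no per-client public key store: a client certificate is accepted only if it chains to the CA.

```shell
#!/bin/sh
# Added example: demo-ca, device-001, device-002 and all file names are constructed.
set -eu

# make_pki DIR: build a CA, a server and a client certificate signed by it,
# and a self-signed "rogue" client certificate the CA never issued.
make_pki() {
    dir=$1
    mkdir -p "$dir"
    # 1. certification authority with a self-signed certificate
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "/CN=demo-ca" \
        -keyout "$dir/ca.key" -out "$dir/ca.crt" 2>/dev/null
    # 2. server and client: key + CSR, then signed with the CA private key
    for name in server device-001; do
        openssl req -newkey rsa:2048 -nodes -subj "/CN=$name" \
            -keyout "$dir/$name.key" -out "$dir/$name.csr" 2>/dev/null
        openssl x509 -req -in "$dir/$name.csr" -days 30 \
            -CA "$dir/ca.crt" -CAkey "$dir/ca.key" -CAcreateserial \
            -out "$dir/$name.crt" 2>/dev/null
    done
    # A client-style certificate that is self-signed, not issued by the CA
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "/CN=device-002" \
        -keyout "$dir/rogue.key" -out "$dir/rogue.crt" 2>/dev/null
}

# trusted_by_ca CA_CERT CERT: succeeds only if CERT chains to CA_CERT.
trusted_by_ca() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# client_identity CERT: print subject and serial, the certificate fields
# the reply says the application can read after authentication.
client_identity() {
    openssl x509 -in "$1" -noout -subject -serial
}

work=$(mktemp -d)
make_pki "$work"
trusted_by_ca "$work/ca.crt" "$work/device-001.crt" && echo "device-001: accepted"
trusted_by_ca "$work/ca.crt" "$work/rogue.crt" || echo "device-002: rejected"
client_identity "$work/device-001.crt"
```

The server only needs `ca.crt` to make the accept/reject decision; the client keeps `device-001.key` on the device and never sends it.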

