[CAUSEWAY-1048] Make view model URLs more secure, eg through a private key. - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Minor
Resolution: Duplicate
Affects Version/s: core-1.7.0
Fix Version/s: 1.12.0
Component/s: Core
Labels:
None

Description

At the moment it is possible to reverse engineer a view model URL, or perhaps to steal it.

It ought to be encrypted somehow, eg using HMAC.

http://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/AuthJavaSampleHMACSignature.html
http://www.smartjava.org/content/protect-rest-service-using-hmac-play-20

Attachments

Activity

People

Assignee:: Daniel Keir Haywood

Reporter:: Daniel Keir Haywood

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 19/Feb/15 13:55

Updated:: 12/Apr/16 07:18

Resolved:: 17/Mar/16 09:02