scala - Scalatra response HMAC calulation -

-

I am developing a web service using Skallet and I want to use HMAC for bidirectional authentication.

So far, I have implemented client authentication to the customer: Customer (an Android app) uses these criteria to calculate one HMAC / SHA 512 for each request: a shared secret, HTTP The method, URL, some headers (timestamp, client id etc) and request body (if it is a post or a string), this HMAC is then added to a specific title and the request is sent to the server (which is sent to HMAC Confirms with Acmsi in Nurod header that performs the same calculation to the client).

Now, I want to do the opposite thing: The server is certified to the client using shared secret, request HTTP method, URL and response body .

By now, I found that I can override renderResponse (ActionResult: any) that , renderResponseBody (ActionResult: any) or even That seems to be the easiest to handle as renderPipeline and override renderpipline as I decided to go along with.

Renderpipline in my interchangeable I change the reaction body to a byte array file if the file is saved in the memory ), Calculate HMAC and add it to the feedback header.

What do I want to know: In such cases when the renderpipline is overridden this method will either break the authentication functionality presented above (such as Renderpipline Which is not being called multiple times or is referred to the header which is sent to renderPipeline ) body or some other functionality in Scalatra?

As a note I do not calculate HMAC when the action unit returns and the reaction output is being written directly by the action.

The problem was the only problem for me. I used a special feature to extend the handler , as if it has been done and it is used as a reference implementation.

I created a ServletOutputStreamCopier for the original OutputStream and each byte for both streams: 

  class ServletOutputStreamCopier ( Original: ServletOutputStream: ServletOutputStream extends {Val copy: ByteArrayOutputStream = new ByteArrayOutputStream (1024) Def override write (b: int): unit = {orig.write (b) copy.write (b) Override def setWriteListener (writeListener: writeListener) : Unit = orig.setWriteListener def isReady override: boolean = orig.isReady def getCopy: array [byte] = copy.toByteArray}

Then a ResponseCopier Which is a HttpServletResponse Wrapper is pre-defined with service outoutstream copier and copy to the outside: 

  class ResponseCo Pier (res: HttpServletResponse, sos: ServletOutputStreamCopier, w: PrintWriter) HttpServletResponseWrapper (res) {extride def getOutputStream: ServletOutputStream = New servletOptputCopier (SOS) Override Def GetWriter: PrintWriter = w Override DRF SetSentant Lang (I: Int) = {} def GetCopy: Array [byte] = sos.getCopy}

Finally handle method by using callback sclelet Class action takes care of adding the header after the completion of ScalatraBase.onRenderedComplete .

Attribute SignedResponseSupport extends handler {self: ScalatraBase = & gt; , = New ResponseCopier (Response Unit = {withRequestResponse (Request, Race) {Val sosc = New ServletOutputStreamCopier (res.getOutputStream) Val = New PrintWriter (sosc) Wrapped: Summary Override Def Handle (Request: HttpServletRequest, Race: HttpServletResponse) Sosc, w) ScalatraBase.onRenderedCompleted {_ = & gt; W.flush () w.close () Val password = "secret-password" val sign = signResponseBody (wrapped.getCopy, password) wrapped.addHeader ("X-post-sign", sign)}} super.handle (request , Wrapped)} def signResponseBody (body: array [byte], password: string): string = {/ * signaling goes here} /

Comments

Post a Comment

Popular posts from this blog

winforms - C# Form - Property Change -

-
I have a form that has a property named car A class with many properties. The Properties is being displayed on the current car on the basis of some user actions that are being displayed. So I have to know whether the property has been allocated or set to zero. I'm aware of INotifyPropertyChanged , but in my case I'm not sure that since this change I have changed my car properties car do not want to monitor the property. Any idea how to accomplish this? In advance thank you If you have created a true asset in your class then You should be a great and setter, you can add the code directly to the form property in order to take action on the basis of "form": Public partial category Form 1: form {public form 1 () {InitializeComponent (); } // define car square public class car {public string name = string. Empty; } // private car to keep the value of the current car private variable _car = null; // Property of public form which you can ru...
Read more

java - Algorithm negotiation fail SSH in Jenkins -

-
I am trying to do SSH on the local server from Jenkins, but the following error has been thrown: [SSH] Exception: Algorithm negotiation fail com.jcraft.jsch.JSchException: algorithm talk com.jcraft.jsch.Session.receive_kexinit (Session.javaatar20) at com.jcraft.jsch.Session.connect (Sesson at com.jcraft.jsch.Session.connect (Session.java:150) at org.jvnet.hudson.plugins.SSHSite.createSession (SSHSite.java:141) on failed failed org.jvnet.hudson.plugins. java: 286) .SSHS on org.jvnet.hudson.plugins.SSHBuildWrapper.executePreBuildScript (SSHBuildWrapper.java:75) on Org.jvnet.hudson.plugins.SSHBuildWrapper.setUp (SSHBuildWrapper.java59) ite.executeCommand (SSHSite.java151) on hudson.model.Build $ BuildExecution.doRun hudson.model.AbstractBuild $ AbstractBuildExecution.run (AbstractBuild.java:533) to (Build.java:154) hudson.model.Run.execute ( Run.java:1754) in ended .model.FreeStyleBuild.run (FreeStyl hudson.model.ResourceController.execute (ResourceController.java:89) on hudson.mod...
Read more

java - Messages from .properties file do not display UTF-8 characters -

-
Image
In the form of a title, I can only add that if I enter the html file manually, then it Okay. View Rolver: & lt; Bean id = "templorellolver" class = "org.thymeleaf.templateresolver.ServletContextTemplateResolver" & gt; & Lt; Property name = "prefix" value = "/ web-nf / templates" /> & Lt; Property name = "suffix" value = ". Html" /> & Lt; Property Name = "Template Mode" Value = "HTML5" /> & Lt; Asset name = "cacheable" value = "wrong" /> & Lt; Property Name = "characterEncoding" value = "UTF-8" /> & Lt; / Bean & gt; & Lt; Bean id = "Template Engine" class = "org.thymeleaf.spring3.SpringTemplateEngine" & gt; & Lt; Property Name = "Temploreolar" ref = "Templarolver" /> & Lt; / Bean & gt; & Lt; Bean square = "org.thymeleaf.spring3.view.Thymel...
Read more