Re: put in safety my Rest Web Services -- WEB400

Good News Everybody!

The new search engine is LIVE!

Please report any problems to david (at) midrange.com.

Subject: Re: put in safety my Rest Web Services
From: pat <p.caroti@xxxxxxxx>
Date: Wed, 19 Aug 2015 15:55:59 +0000 (UTC)
List-archive: <http://archive.midrange.com/web400/>
List-help: <mailto:web400-request@midrange.com?subject=help>
List-id: "Web Enabling the IBM i \(AS/400 and iSeries\)" <web400.midrange.com>
List-post: <mailto:web400@midrange.com>
List-subscribe: <http://lists.midrange.com/mailman/listinfo/web400>, <mailto:web400-request@midrange.com?subject=subscribe>
List-unsubscribe: <http://lists.midrange.com/mailman/options/web400>, <mailto:web400-request@midrange.com?subject=unsubscribe>

Henrik Rützou <hr@...> writes:

Richard

if you control both the client and the server it is quite simple.

Lets say you have a URL like

http:// serverip/getinfo.pgm?userid=aaaaa&password=bbbbb&account=123456

you change the url to

http:// serverip/getinfo.pgm?userid=aaaaa&hash=

4625fd63b0e96fc0d656ae7381605e48d4a0f63a319fc743adf22688613883c7&account=123456

Everybody can do a HASH - but the HASH is 'salted'

The user id aaaaa has a 'salt'-value only the client and the server knows
so the input
to the HASH algoritm is

aaaaa123456salt

hi
thanks for you reply
as i have never used HASH .. could you please let me know how can i use it ?
)expecially in RPGLE .. where can i find some example.

Thanks in advance

Follow-Ups:

Re: put in safety my Rest Web Services , Henrik Rützou

This mailing list archive is Copyright 1997-2026 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.