Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Child pages (Children Display)
depth3
styleh3
excerpttrue
excerptTypesimple

Authorization

Describe how  messages are authorized


Permissions

The permissions are defined on a pr. certificate basis for each operation or set of operations. See RepositorySettings for detailes model.

To authorise an operation, the request must be signed in order to identify the certificate and which operations it is allowed to perform. 

Signing messages

All messages in the system must be signed to ensure that the senders of the messages are who they claim they are and that the messages have not been tampered with.

...

The message signature is calculated on the message xml interpreted as a utf-8-encoded byte stream and transmitted, base 64-encoded, in the message header org.bitrepository.messages.signature

Signature generation and verification

To generate a signature openssl can be used: 

...