REST hooks may be authorized on backend if necessary. This feature is enabled on WCS side with following parameter in flashphoner.properties file
Code Block |
---|
|
rest_hook_send_hash=true |
The secret key has also to be set
Code Block |
---|
|
rest_hook_secret_key=1234567890 |
While sending REST request, WCS calculates HMAC md5 hash of request body and places hash to the header
Code Block |
---|
|
Authorization: WCS f2a40d5f3ec6a43d294a11c1746d3801 |
Here f2a40d5f3ec6a43d294a11c1746d3801 is a hash example
The backend server that receives REST request, must calculate HMAC md5 hash of request body using secret key and compare this hash with received one in request header. If hashes are equal, the request is authorized and server must respond to it according REST hook type, restClientConfig settings etc. If hashes are not equal, server must return 403 Forbidden.
Include Page |
---|
| WCS5EN:Authorization on backend |
---|
| WCS5EN:Authorization on backend |
---|
|