[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Shared Secret with in a Soap process.



If you're encrypting the password and using SSL that should be reasonably secure.

You could also have a web service login method that generates a session token that the other API calls use.

Regards,
Richard Schoen
RJS Software Systems Inc.
Where Information Meets Innovation
Document Management, Workflow, Report Delivery, Forms and Business Intelligence
Email: richard@xxxxxxxxxxxxxxx
Web Site: http://www.rjssoftware.com
Tel: (952) 736-5800
Fax: (952) 736-5801
Toll Free: (888) RJSSOFT

----------------------------------------------------------------------

Message: 1
Date: Thu, 25 Aug 2011 13:55:34 -0700
From: BBB Rhodes <bbbrhodes@xxxxxxx>
Subject: Shared Secret with in a Soap process.
To: HTTP Group <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Message-ID: <SNT130-W15FC12D694932EC399C055A0100@xxxxxxx>
Content-Type: text/plain; charset="iso-8859-1"


 
I need to get a token for a Shared Secret to acces a Web Service but can not fine anything in regards to using it within a soap request.    I have done it by using a Password but since that is not hiden I need to change it. 
 
Below is an example if have for a VB code but i am using the iSeries.
 
Does anyone know where I can find or know how to set up my soap to get the token for a shared secret?
 
VB Example--------------------
Private Function GetToken(ByVal User As String) As String
        If Token = "" Or User <> ContractAuthentication.User Then
            Dim MD5Input As String
            MD5Input = User & ":"
            MD5Input += ":"
            MD5Input += ":"
            MD5Input += GetTokenDate() & ":"
            MD5Input += "MD5:"
            MD5Input += SharedSecret
            Dim MD5Provider As New System.Security.Cryptography.MD5CryptoServiceProvider
            Dim Bytes As Byte() = System.Text.Encoding.UTF8.GetBytes(MD5Input)
            Bytes = MD5Provider.ComputeHash(Bytes)
            Token = Convert.ToBase64String(Bytes)
            ContractAuthentication.User = User
        End If
        Return Token
    End Function



Best regards,
B  		 	   		  

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------