[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Shared Secret with in a Soap process.
If you're encrypting the password and using SSL that should be reasonably secure.
You could also have a web service login method that generates a session token that the other API calls use.
Regards,
Richard Schoen
RJS Software Systems Inc.
Where Information Meets Innovation
Document Management, Workflow, Report Delivery, Forms and Business Intelligence
Email: richard@xxxxxxxxxxxxxxx
Web Site: http://www.rjssoftware.com
Tel: (952) 736-5800
Fax: (952) 736-5801
Toll Free: (888) RJSSOFT
----------------------------------------------------------------------
Message: 1
Date: Thu, 25 Aug 2011 13:55:34 -0700
From: BBB Rhodes <bbbrhodes@xxxxxxx>
Subject: Shared Secret with in a Soap process.
To: HTTP Group <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Message-ID: <SNT130-W15FC12D694932EC399C055A0100@xxxxxxx>
Content-Type: text/plain; charset="iso-8859-1"
I need to get a token for a Shared Secret to acces a Web Service but can not fine anything in regards to using it within a soap request. I have done it by using a Password but since that is not hiden I need to change it.
Below is an example if have for a VB code but i am using the iSeries.
Does anyone know where I can find or know how to set up my soap to get the token for a shared secret?
VB Example--------------------
Private Function GetToken(ByVal User As String) As String
If Token = "" Or User <> ContractAuthentication.User Then
Dim MD5Input As String
MD5Input = User & ":"
MD5Input += ":"
MD5Input += ":"
MD5Input += GetTokenDate() & ":"
MD5Input += "MD5:"
MD5Input += SharedSecret
Dim MD5Provider As New System.Security.Cryptography.MD5CryptoServiceProvider
Dim Bytes As Byte() = System.Text.Encoding.UTF8.GetBytes(MD5Input)
Bytes = MD5Provider.ComputeHash(Bytes)
Token = Convert.ToBase64String(Bytes)
ContractAuthentication.User = User
End If
Return Token
End Function
Best regards,
B
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------