http://ww2.wso2.org:8081/restsig/index.html
Here I used a sevlet filter to to add HTTP headers to the response indicating where to find the signature and digest files when a resource is requested.
Sample response headers when /index.html is requested :
resource-sig: /restsig/index.html.sig
resource-xmlsig: /restsig/index.html.xmlsig
resource-md5: /restsig/index.html.md5
resource-sig-cert: MIIDCjCCAfKgAwIBAg...=
http://ww2.wso2.org:8081/restsig/index.html.sig
http://ww2.wso2.org:8081/restsig/index.html.md5
Furthermore in the case of HTML (assuming well formed) and XML files this app generates the XML signature as well.
http://localhost:8081/restsig/index.html.xmlsig
Now one can develop a simple browser plugin to verify the signature and digest (cerificate information can be made available as a header or a separate resource).
The source of this can be found here :
https://wso2.org/repos/wso2/people/ruchith/rest-stuff/sig
No comments:
Post a Comment