Results 1 to 1 of 1
- 05-13-2008, 07:45 AM #1Member
- Join Date
- May 2008
- Rep Power
Storing Private Keys in Source Code
I think I have a rather unusual situation... I need to authenticate:
- my Lobo plugin with the server, and
- the server (actually, an HTTP response) with my user.
The first is the trickier of the two, because the open-source plugin must be distributed freely to users and all copies must have the same private key. (Each server will have copies of the plugin's public key.)
But the second is also pretty tricky in a similar way. I think the response will be dynamic, so the private key needs to be available for signing at runtime. Also, the private key will be the server's... Would it be best to supply an interface (or abstract class?) for the server to implement, and pass the response to be signed through a method in that interface?
- By reena in forum Advanced JavaReplies: 1Last Post: 04-19-2008, 06:57 PM
- By desmond5 in forum New To JavaReplies: 1Last Post: 03-06-2008, 09:10 PM
- By yakupemre in forum EclipseReplies: 1Last Post: 08-15-2007, 09:31 AM
- By valery in forum XMLReplies: 2Last Post: 08-06-2007, 08:29 PM
- By vissu007 in forum New To JavaReplies: 1Last Post: 07-05-2007, 07:08 PM