Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 10 Current »

Canvas comes with secure Encryption and Decryption of data transferred between the client and the server to protect and to safeguard the data transferred. Canvas uses Symmetric-key cryptography, a class of cryptographic algorithms in which the same key is used to encrypt and decrypt messages. The secret key is established between client and server using the Diffie-Hellman key exchange mechanism, post which, the actual encryption takes place with this secret key using AES-GCM encryption algorithm.

When you enable encryption, Canvas will encrypt all requests coming to your application including log out.

To enable encryption, perform the following steps:

Step 1In systempreferences.properties (as defined in the Configuration of Default Descriptor) file, set ENCRYPT_SERVER_CALLS = Y.

Step 2In web.xml, add the following filters that will encrypt and decrypt data shared between server and client.

<filter>
	<filter-name>CanvasEncryptionFilter</filter-name>
	<filter-class>	
        com.intellectdesign.canvas.servercomm.encryption.filters.CanvasEncryptionFilter
	</filter-class>
</filter>
<filter-mapping>
	<filter-name>CanvasEncryptionFilter</filter-name>
	<url-pattern>/WidgetControllerServlet</url-pattern>
</filter-mapping>

Step 3: In the web.xml, add the following servlet that will translate the cipher text to plain and plain text to cipher text during data transformation between server and client.

<servlet>
	<servlet-name>GetPublicKey</servlet-name>
	<servlet-class> com.intellectdesign.canvas.servercomm.encryption.servlets.GetPublicKey
	</servlet-class>
</servlet>
<servlet-mapping>
	<servlet-name>GetPublicKey</servlet-name>
	<url-pattern>/GetPublicKey</url-pattern>
</servlet-mapping>
<servlet>
	<servlet-name>HandShakeServlet</servlet-name>
<servlet-class> com.intellectdesign.canvas.servercomm.encryption.servlets.HandShakeServlet
</servlet-class>
</servlet>
<servlet-mapping>
	<servlet-name>HandShakeServlet</servlet-name>
	<url-pattern>/HandShakeServlet</url-pattern>
</servlet-mapping>
  • No labels