Canvas comes with secure Encryption and Decryption of data transferred between the client and server to protect and to safeguard the data transferred. Canvas uses Public-key cryptography (also known as asymmetric cryptography) is a class of cryptographic algorithms which requires two separate keys, one of which is secret (or private) and one of which is public. The public key is used to encrypt plaintext or to verify a digital signature; whereas the private key is used to decrypt ciphertext or to create a digital signature.
To enable encryption,
Step 1: In the systempreferences.properties (as defined in the default descriptor) file, set ENCRYPT_SERVER_CALLS = Y
Step 2: In the web.xml, add the following filters that will encrypt and decrypt data shared between server and client.
<filter> <filter-name>EncryptionRequestFilter</filter-name> <filter-class> com.intellectdesign.canvas.servercomm.encryption.filters.EncryptionRequestFilter </filter-class> </filter> <filter-mapping> <filter-name>EncryptionRequestFilter</filter-name> <url-pattern>/WidgetControllerServlet</url-pattern> </filter-mapping> <filter> <filter-name>EncryptionResponseFilter</filter-name> <filter-class>com.intellectdesign.canvas.servercomm.encryption.filters.EncryptionResponseFilter </filter-class> </filter> <filter-mapping> <filter-name>EncryptionResponseFilter</filter-name> <url-pattern>/WidgetControllerServlet</url-pattern> </filter-mapping>
Step 3: In the web.xml, add the following servlet that will translate the cipher text to plain and plain text to cipher text during data transformation between server and client.
<servlet> <servlet-name>GetPublicKey</servlet-name> <servlet-class> com.intellectdesign.canvas.servercomm.encryption.servlets.GetPublicKey </servlet-class> </servlet> <servlet-mapping> <servlet-name>GetPublicKey</servlet-name> <url-pattern>/GetPublicKey</url-pattern> </servlet-mapping> <servlet> <servlet-name>HandShakeServlet</servlet-name> <servlet-class> com.intellectdesign.canvas.servercomm.encryption.servlets.HandShakeServlet </servlet-class> </servlet> <servlet-mapping> <servlet-name>HandShakeServlet</servlet-name> <url-pattern>/HandShakeServlet</url-pattern> </servlet-mapping>