Canvas comes with secure Encryption and Decryption of data transferred between the client and server to protect and to safeguard the data transferred. Canvas uses Public-key cryptography (also known as asymmetric cryptography), a class of cryptographic algorithms that requires two separate keys, one secret (or private) key and one public key. The public key is used to encrypt plain text or to verify a digital signature; whereas the private key is used to decrypt ciphertext or to create a digital signature.
When you enable encryption, Canvas will encrypt all requests coming to your application including log out.
To enable encryption, perform the following steps:
Step 1: In systempreferences.properties (as defined in the Configuration of Default Descriptor) file, set ENCRYPT_SERVER_CALLS = Y.
Step 2: In web.xml, add the following filters that will encrypt and decrypt data shared between server and client.
<filter>
<filter-name>CanvasEncryptionFilter</filter-name>
<filter-class>
com.intellectdesign.canvas.servercomm.encryption.filters.CanvasEncryptionFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>CanvasEncryptionFilter</filter-name>
<url-pattern>/WidgetControllerServlet</url-pattern>
</filter-mapping>
<filter>
<filter-name>EncryptionResponseFilter</filter-name>
<filter-class>com.intellectdesign.canvas.servercomm.encryption.filters.EncryptionResponseFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>EncryptionResponseFilter</filter-name>
<url-pattern>/WidgetControllerServlet</url-pattern>
</filter-mapping>
Step 3: In the web.xml, add the following servlet that will translate the cipher text to plain and plain text to cipher text during data transformation between server and client.
<servlet> <servlet-name>GetPublicKey</servlet-name> <servlet-class> com.intellectdesign.canvas.servercomm.encryption.servlets.GetPublicKey </servlet-class> </servlet> <servlet-mapping> <servlet-name>GetPublicKey</servlet-name> <url-pattern>/GetPublicKey</url-pattern> </servlet-mapping> <servlet> <servlet-name>HandShakeServlet</servlet-name> <servlet-class> com.intellectdesign.canvas.servercomm.encryption.servlets.HandShakeServlet </servlet-class> </servlet> <servlet-mapping> <servlet-name>HandShakeServlet</servlet-name> <url-pattern>/HandShakeServlet</url-pattern> </servlet-mapping>