Java – validate HTTP requests from signed jars

2020-01-30 • Java

I am writing a client for my web application, and I signed the release jar with my developer certificate. How can I verify that the request rest service comes from my signed jar?

Solution

You can't The signature is used to perform authentication, which means that it is on the server side But you want to check the signature on the client's http / rest request The client does not have such authentication

You can add something to the response itself and verify it on the client, but again, nothing can prevent any other server from sending the same value, so pretend to be your server

You can also add some behavior features (such as session cookies) to jars, and nothing can prevent other jars from imitating it

The content of this article comes from the network collection of netizens. It is used as a learning reference. The copyright belongs to the original author.

THE END

Java

二维码

Java – can ThreadLocal be safely used with Tomcat NiO connector

< <上一篇

Perfectly solve the related problems about prohibiting viewpager preloading

下一篇>>

搜索内容

Java – validate HTTP requests from signed jars

Solution

热门文章