Websydian v6.1 online documentationOnline documentation - Websydian v6.5

Other Uses of the Integrity Module


Overriding the Default Error Message

When an event is activated and thereby an event handler function called, the event handler function checks the digital signature against the expected value.  If the hidden fields of the HTML form have been changed intentionally, the field WsyBase<SignatureValid> is set to the value <*No>, and a default message is generated and sent to the user.

To override this default message, insert the action diagram statement;

+++Undefine Field: +ErrorInSignature

in the 0 Signature check failed edit point.  This will disable the call to the function and generate an Error Page.  Instead, the application developer must insert a call to his own Page Generator function.

Deselecting Fields From Signing

For an Event Handler function with digital signing, the signature is received by the Event Handler along with the other fields of the event.  However, only the hidden fields of the event are used to generate the Digital Signature.

By default, all the fields of the Hidden variable will be used to sign the event.  Individual fields can be deselected from the signature handling by adding the fields to the ExcludeFromSign variable.  The field Signature is already located in this variable, since the field WebInput<Signature> is used to store the generated signature sent with the event.

Note that the fields in the Hidden and ExcludeFromSign variables are not used to store any values at run-time.  These variables are used to specify information about the fields in the WebInput variable and they are used only at generation time to generate application specific code.

Replacing the Signature Function

The calculation of the Digital Signature code is performed by the SignFields function.  If another calculation algorithm is needed, this function must be replaced by your own calculation algorithm for all Event Handlers and Page Generators that use the Digital Signature functionality.