Online documentation - Websydian v6.0

Users Guide | Patterns Reference | WebsydianExpress | Search

 

Integrity Module Example

In the example below, three template patterns are defined that implements integrity by Digital Signature.  All Page Generator and Event Handler functions that inherit through these templates digitally signs fields passed by and to the web browser.  These three template patterns themselves inherit from the Integrity patterns:

Specifying integrity for application functions

The example shows the inheritance triples of the three template patterns in the Personnel Demo application.

Below is an example of the HTML code generated by a Page Generator function with Integrity Control.  The Digital Signature is generated as a hidden field of the HTML form, and it will be validated by the Event Handler function receiving the request:

Signature in generated HTML code

A hidden digital signature field is included in each Event Handler form of the generated HTML page.

If any of the hidden fields in the form are changed (including the Digital Signature) and the form is submitted to the web server, an error page will be generated as a response to the web user.  The MD2 signing algorithm guarantees that the new correct Digital Signature cannot be guessed, if any of the hidden fields have been changed by the web user before the form is submitted.