Online documentation - Websydian v6.0

Users Guide | Patterns Reference | WebsydianExpress | Search
 

Implementing Integrity Control

Introduction    Implementing     Other Uses    Parts    Example    Background

Implementing Integrity Control is straight forward and requires only a few steps.

Inherit from Integrity Patterns

All Event Handler functions in the application that are to implement Integrity Control must inherit from the EventHandlerWithSignature pattern.  In addition, any Page Generator function using one or more Event Handlers with digital signature must inherit from the PageGeneratorWithSignature pattern.

Example:

MyPageFunction is a FNC PageGeneratorWithSignature
MyPageFunction.Event1 is a FNC EventHandlerWithSignature
MyPageFunction.Event2 is a FNC EventHandlerWithSignature

Specifying the Secret Key

In the Websydian application, an algorithm should preferably be specified to retrieve the private signature key (secret key) used as input for the Digital Signature algorithm.  To make the application secure, the key should be saved in a table or data area that only the application and the system operator have access to.

Each Event Handler and Page Generator including the Digital Signature functionality must then call this algorithm to set the value of the SignatureKey field.

Example:

Retrieving secret key for signature calculation

The example shows the edit points to use and the local fields to assign to set the value of the secret key used for the Digital Signature algorithm.  The assignment is shown for a Page Generator as well as an Event Handler function.

If no value is assigned to the secret key field, the key will be set to the name of the AllFusion Plex group model by the SignFields signature function.  If so, it will be difficult, but theoretically possible to break the Integrity Control for someone knowing the key and the algorithm used.

Generate and Build

Event Handler and Page Generator function, for which Digital Signature functionality has been included, need to be regenerated and recompiled.  This is also the case with the Document Template Generators scoped under the Page Generator functions, and  in turn these must be rerun to produce Document Templates containing Digital Signature markers.

An implication of using the Integrity patterns is that whenever the hidden fields of an Event Handler function are changed, the Page Generator functions using the Event Handler must also be regenerated and compiled.