[
https://issues.apache.org/jira/browse/CAUSEWAY-3988?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andi Huber updated CAUSEWAY-3988:
---------------------------------
Description:
When the env var {color:#000000}causeway_hmac_sha256{color} is set to a comma
separated list of signed integers, those are read in as (signed) bytes and used
as the HMAC secret for digitally signing viewmodel bookmarks. A minimum of 16
bytes is required, we recommend 32.
It allows an application's bookmarks to be valid beyond application restart.
was:
When the env var
{color:#000000}{color:#1144c0}causeway_hmac_sha256{color}{color} is set to a
comma separated list of signed integers, those are read in as (signed) bytes
and used as the HMAC secret for digitally signing viewmodel bookmarks. A
minimum of 16 bytes is required, we recommend 32.
It allows an application's bookmarks to be validity beyond application restart.
> [Security] Support for Env Var provided HMAC Secret
> ---------------------------------------------------
>
> Key: CAUSEWAY-3988
> URL: https://issues.apache.org/jira/browse/CAUSEWAY-3988
> Project: Causeway
> Issue Type: Improvement
> Components: Core
> Reporter: Andi Huber
> Assignee: Andi Huber
> Priority: Major
> Fix For: 4.0.0-M2
>
>
> When the env var {color:#000000}causeway_hmac_sha256{color} is set to a comma
> separated list of signed integers, those are read in as (signed) bytes and
> used as the HMAC secret for digitally signing viewmodel bookmarks. A minimum
> of 16 bytes is required, we recommend 32.
> It allows an application's bookmarks to be valid beyond application restart.
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
