Works like a charm. Thanks guy!
--
View this message in context:
http://tapestry.1045711.n5.nabble.com/Disabling-HMAC-check-tp5718156p5718212.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
-
To unsubscr
But please don't use "rIbShOefrOze77SPy12niBS" since that particular string
is no longer private. Make up one of your own.
On Wed, Nov 21, 2012 at 8:44 PM, angelochen wrote:
> I was the one asking that question before, I am using this:
>
> configuration.add(SymbolConstants.HMAC_PASSPHRASE,
> "rI
1) http://www.random.org/strings/ will generate a random string for you if
you can't think of one on your own
2) Put that string into your AppModule class.
configuration.add(SymbolConstants.HMAC_PASSPHRASE,
the-random-string-goes-here);
On Wed, Nov 21, 2012 at 8:09 PM, TG wrote:
> Non-random
I was the one asking that question before, I am using this:
configuration.add(SymbolConstants.HMAC_PASSPHRASE,
"rIbShOefrOze77SPy12niBS");
any string should work.
TG wrote
> Non-random string? How do I do that?
--
View this message in context:
http://tapestry.1045711.n5.nabble.com/Disabli
Non-random string? How do I do that?
--
View this message in context:
http://tapestry.1045711.n5.nabble.com/Disabling-HMAC-check-tp5718156p5718173.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
-
To uns
On Wed, 21 Nov 2012 19:57:11 -0200, TG wrote:
Yes, it expires the session. How do I disable the warning?
Have you tried a non-random string?
--
Thiago H. de Paula Figueiredo
-
To unsubscribe, e-mail: users-unsubscr...@tapes
Yes, it expires the session. How do I disable the warning?
--
View this message in context:
http://tapestry.1045711.n5.nabble.com/Disabling-HMAC-check-tp5718156p5718170.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
--
This was discussed previously on the list, but having a random string would
be a bad idea, especially if you do some kind of load balancing between
servers (e.g. server1 would get a different passphrase from server2, and
server 2 will not want to process form submissions from server 1).
I don't th
Error message is "The symbol 'tapestry.hmac-passphrase' has not been
configured. This is used to configure hash-based message authentication of
Tapestry data stored in forms, or in the URL. You application is less
secure, and more vulnerable to denial-of-service attacks, when this symbol
is not con
Error message is "The symbol 'tapestry.hmac-passphrase' has not been
configured. This is used to configure hash-based message authentication of
Tapestry data stored in forms, or in the URL. You application is less
secure, and more vulnerable to denial-of-service attacks, when this symbol
is not con
Error message is "The symbol 'tapestry.hmac-passphrase' has not been
configured. This is used to configure hash-based message authentication of
Tapestry data stored in forms, or in the URL. You application is less
secure, and more vulnerable to denial-of-service attacks, when this symbol
is not con
Error message is "The symbol 'tapestry.hmac-passphrase' has not been
configured. This is used to configure hash-based message authentication of
Tapestry data stored in forms, or in the URL. You application is less
secure, and more vulnerable to denial-of-service attacks, when this symbol
is not con
On Wed, Nov 21, 2012 at 5:55 PM, TG wrote:
> Our app does not need this, we have our own timeout check. This check
> interfere with ours. How do we disable this without getting the warning on
> the screen?
>
>
I don't get what HMAC and "timeout" have in common, would you elaborate
more?
Cheers
-
13 matches
Mail list logo
