Hi Stephen, Thank you very much for your assistance.
Thanks Satyajit Restricted - External From: Stephen Darlington <stephen.darling...@gridgain.com> Sent: Tuesday, September 7, 2021 7:48 PM To: user <user@ignite.apache.org> Subject: Re: Calling Ignite Rest endpoint using secret key CAUTION: This email originated from outside our organisation - stephen.darling...@gridgain.com<mailto:stephen.darling...@gridgain.com> Do not click on links, open attachments, or respond unless you recognize the sender and can validate the content is safe. It looks like the implementation doesn't exactly match the comment - should probably open a ticket. But, this works: #!/usr/bin/env python3 import hashlib import base64 import time import requests as req password = 'password' millis = int(round(time.time() * 1000)) param = f'{millis}:{password}' hash_pass = hashlib.sha1(param.encode('utf-8')).digest() str_pass = base64.b64encode(hash_pass).decode('utf-8') headers = { 'X-Signature' : f'{millis}:{str_pass}' } resp = req.get('http://localhost:8080/ignite?cmd=version', headers=headers) print (resp.text) Basically, you pass in a X-Signature header with a string in the format "x:y". X = the time in ms Y = base64 ( sha1 ( "x:secretkey" ) ) Yes, you include the time and use the time as part of the hash. For this (and other reasons) I'm not sure that this is a good mechanism. If you want to secure it, use TLS, add authentication. Regards, Stephen On 7 Sep 2021, at 12:44, satyajit.man...@barclays.com<mailto:satyajit.man...@barclays.com> wrote: Hi Team, Can someone please suggest here. There is no example how to call a rest url with secret key as per below documentation. setSecretKey(String) Defines secret key used for client authentication. When provided, client request must contain HTTP header X-Signature with the string "[1]:[2]", where [1] is timestamp in milliseconds and [2] is the Base64 encoded SHA1 hash of the secret key. Thanks Satyajit Restricted - External From: Mandal, Satyajit: IT (PUN) Sent: Friday, September 3, 2021 3:41 PM To: 'user' <user@ignite.apache.org<mailto:user@ignite.apache.org>> Subject: Calling Ignite Rest endpoint using secret key Hi Team, Can someone provide example how we can invoke Ignite Rest Endpoint using encoded secret key in header. There is not much example . Any sample will help which is working. https://ignite.apache.org/docs/latest/restapi<https://clicktime.symantec.com/3Ft9JRCAq7Phd13THXbqccn6H2?u=https%3A%2F%2Fignite.apache.org%2Fdocs%2Flatest%2Frestapi> <property name="connectorConfiguration"> <bean class="org.apache.ignite.configuration.ConnectorConfiguration"> <property name="SecretKey" value="these.signatures"/> </bean> </property> setSecretKey(String) Defines secret key used for client authentication. When provided, client request must contain HTTP header X-Signature with the string "[1]:[2]", where [1] is timestamp in milliseconds and [2] is the Base64 encoded SHA1 hash of the secret key. Thanks Satyajit _________________________________________________________________________________________________________________________________________________________________________________________________________________________________ "This message is for information purposes only, it is not a recommendation, advice, offer or solicitation to buy or sell a product or service nor an official confirmation of any transaction. It is directed at persons who are professionals and is not intended for retail customer use. Intended for recipient only. This message is subject to the terms at: www.barclays.com/emaildisclaimer<https://clicktime.symantec.com/3EYPv6rW8Af52GsfyfEjWJj6H2?u=http%3A%2F%2Fwww.barclays.com%2Femaildisclaimer>. For important disclosures, please see: www.barclays.com/salesandtradingdisclaimer<https://clicktime.symantec.com/3WsWiDHFq9GMFuabBAiWAQg6H2?u=http%3A%2F%2Fwww.barclays.com%2Fsalesandtradingdisclaimer> regarding market commentary from Barclays Sales and/or Trading, who are active market participants; https://www.investmentbank.barclays.com/disclosures/barclays-global-markets-disclosures.html<https://clicktime.symantec.com/3MydMFf8wFafWGXFJgdhH4U6H2?u=https%3A%2F%2Fwww.investmentbank.barclays.com%2Fdisclosures%2Fbarclays-global-markets-disclosures.html> regarding our standard terms for the Investment Bank of Barclays where we trade with you in principal-to-principal wholesale markets transactions; and in respect of Barclays Research, including disclosures relating to specific issuers, please see http://publicresearch.barclays.com<https://clicktime.symantec.com/3BorrHMcYqWqhDsJGPxhphe6H2?u=http%3A%2F%2Fpublicresearch.barclays.com%2F>." _________________________________________________________________________________________________________________________________________________________________________________________________________________________________ If you are incorporated or operating in Australia, please see https://www.home.barclays/disclosures/importantapacdisclosures.html<https://clicktime.symantec.com/3EbikRF6KKstQs8HhbDmdG66H2?u=https%3A%2F%2Fwww.home.barclays%2Fdisclosures%2Fimportantapacdisclosures.html>for important disclosure. _________________________________________________________________________________________________________________________________________________________________________________________________________________________________ How we use personal information see our privacy notice https://www.investmentbank.barclays.com/disclosures/personalinformationuse.html<https://clicktime.symantec.com/3VCTbhtkSGkL3PMJn2g6cj56H2?u=https%3A%2F%2Fwww.investmentbank.barclays.com%2Fdisclosures%2Fpersonalinformationuse.html> _________________________________________________________________________________________________________________________________________________________________________________________________________________________________ _________________________________________________________________________________________________________________________________________________________________________________________________________________________________ This message is for information purposes only, it is not a recommendation, advice, offer or solicitation to buy or sell a product or service nor an official confirmation of any transaction. It is directed at persons who are professionals and is not intended for retail customer use. Intended for recipient only. This message is subject to the terms at: www.barclays.com/emaildisclaimer. For important disclosures, please see: www.barclays.com/salesandtradingdisclaimer regarding market commentary from Barclays Sales and/or Trading, who are active market participants; https://www.investmentbank.barclays.com/disclosures/barclays-global-markets-disclosures.html regarding our standard terms for the Investment Bank of Barclays where we trade with you in principal-to-principal wholesale markets transactions; and in respect of Barclays Research, including disclosures relating to specific issuers, please see http://publicresearch.barclays.com. _________________________________________________________________________________________________________________________________________________________________________________________________________________________________ If you are incorporated or operating in Australia, please see https://www.home.barclays/disclosures/importantapacdisclosures.html for important disclosure. _________________________________________________________________________________________________________________________________________________________________________________________________________________________________ How we use personal information see our privacy notice https://www.investmentbank.barclays.com/disclosures/personalinformationuse.html _________________________________________________________________________________________________________________________________________________________________________________________________________________________________
