.03 | applicationcode(+) | 0;3 | FREE TEXT | | ACODE | This is the hashed value for a security phrase for the application and is
described below.
Security Phrase
The security phrase is an application's entry into the REMOTE APPLICATION
file (#8994.5) for accessing the information necessary to permit the
application to enroll a remote user. Create a security phrase, case
sensitive, and at programmer mode use the command (assuming the security
phrase is "My Special Phrase")
W $$EN^XUSHSH("My Special Phrase")
The resulting value:
"I&f).c`u:7@01#tL((x"
This is the one-way hash value for the security phrase. It is this
hashed value that will be entered into the ApplicationCode field (#.03)
in the REMOTE APPLICATION file (#8994.5) for the application.
To make a remote connection, the application will have the user sign onto
the application's authenticating server (the one entered as
CallbackServer) and then obtain a Token for the user (similar to
"XWBHDL977-124367_0") using the "XUS SET VISITOR" RPC. The application
will then disconnect from the authenticating server and set the new
SecurityPhrase property for the TRPCBroker component to the unhashed
security phrase concatenated with a caret ("^") and the token for the user
(e.g., "My Special Phrase^XWBHDL977-124367_0")
This property will be encoded and passed to the remote server for
authentication; it will hash the security phrase and use the resulting
value to identify the application's entry in the REMOTE APPLICATION file
(#8994.5). The mechanism(s) for contacting the authenticating server
will be identified and the authentication server will be requested to
provide the demographic information necessary to identify the user and
create or match an entry in the NEW PERSON file (#200) based on the token
provided. With this information the user will be set up as a visitor
entry and provided the context option specified. The application will
then be notified that the user is connected. If there is no entry for
the application, no match for the token, or the authenticating server can
not be connected, the user will be prompted with a regular sign on screen
(i.e., required to enter their Access and Verify codes).
Since the security phrase is the application's identifier, we recommend
that the security phrase in RPCBroker Delphi-based programs be identified
as a const value in an include file. And that a substitute include file
containing a phrase similar to that used above be included with release
of the source code. It must be realized that the security phrase
identifies any application that uses it as your application, and it
would, of course, be desirable that rogue applications not appear to be
your application. |