Welcome! Log In Create A New Profile

Advanced

Re: Secure Link Md5 with Primary and Secondary Secret

Francis Daly
June 12, 2018 01:24PM
On Tue, Jun 12, 2018 at 08:09:18AM -0400, anish10dec wrote:

Hi there,

> There is requirement for token authentication using two secret key i.e
> primary and secondary secret for location block.

If this is the same scenario as in
https://forum.nginx.org/read.php?2,275668 and in
https://forum.nginx.org/read.php?2,278063 then I'm pretty sure that the
answer is the same as those times.

> If token with first secret gives 405, then to generate the token with second
> secret to allow the request.

There is a suggested untested config in an earlier response. Does it
work for you?

> This is required for changing the Secret Key in production on server so that
> partial user will be allowed with old secret and some with new secret for
> meanwhile till secret is updated on all servers and client.

If the client knows it, it's not a secret.

f
--
Francis Daly francis@daoine.org
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

Secure Link Md5 with Primary and Secondary Secret

anish10dec June 12, 2018 08:09AM

Re: Secure Link Md5 with Primary and Secondary Secret

anish10dec June 12, 2018 08:16AM

Re: Secure Link Md5 with Primary and Secondary Secret

Francis Daly June 12, 2018 01:24PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 66
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 254 on July 05, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready