Original Generic Reporting Intranet Release
Although it has only been about a month since the last release one feature that was really missing was "back-end security". Of course the support for SSL encryption of the traffic between the web server and the client is a given; however the web server must communicate with the authentication service and any server that actual host reports that are available via this tool-set.Hence the latest release (available from here) - version 0.9.0 - adds RSA Encryption support for those communications. This is entirely optional but is strongly recommended. However it is fairly easy to set up; but once enabled all servers that provide reports must make use of it.
The actual protocol in use attempts to be quite lightweight - so only the initial exchange to generate a random key using RSA encryption - once key has been securely exchanged the remainder of the communication will make use symmetric compression for improved performance.
Perl provides two basic modules for providing RSA encryption:
Crypt::RSA
Crypt::OpenSSL::RSA
OGRI can make use of either - however whichever is used must be used consistently across all machines! This is simply because the format and content of the public/private key files are not inter-changeable.
No comments:
Post a Comment