Configuring Request Validation

Info*Engine provides a mechanism for signing and validating requests to process information on remote Info*Engine task processors and out-of-process adapters.

By setting the server or adapter .secret.text or .secret.text2 properties, you provide an arbitrary text string that is used to sign outgoing requests and validate incoming requests. Each request is signed using java.security.MessageDigest and a MessageDigest algorithm. By combining the secret text and the request information, Info*Engine generates a unique fingerprint. This fingerprint is converted into a string of hex characters and inserted into the request as metadata to be read back and verified by the receiving Info*Engine server or out-of-process adapter.

The .secret.text2 property generates a more comprehensive request signature than the .secret.text property. Use .secret.text2 instead of or in addition to .secret.text for validating with task processors and adapters.

The following sections describe how to set these properties for a remote task processor or a remote Windchill adapter.

If you set the .secret.text and .secret.text2 values in LDAP (instead of using the properties listed), ensure that your LDAP is secure.