Using Delphi to develop multi-layer applications (10) Secure Access Server

Source: Internet
Author: User
Tags crypt

I have discussed how to create and access the server, but the server created previously has no security control. There are a lot of security issues. First, anyone who works as a client can access the server.

Server. Second, data is clearly coded during network transmission and is not encrypted. You can use the network listener to detect the transmitted content. This is not allowed by a standard system. Today

Let's talk about how to securely access the server.

First, we need to use encryption to ensure the security of data transmitted over the network. First, we need to add a tkbmmwdcp2crypt on the server. This is the encapsulation of dcp2crypt by kbmmw,

Dcp2crypt is an open-source library for encryption and verification implemented by Pascal. Kbmmw uses it to encrypt data during network transmission.

In tkbmmwtcpipindyservertransport, set crypt to kbmmwdcp2crypt1.

In addition, we need to authenticate the client through the user name and password. In the Server Authentication event, add the following code:

Procedure tform1.kbmmwserver1authenticate (Sender: tobject;
Clientident: tkbmmwclientidentity; var perm: tkbmmwaccesspermissions );
Begin
If (clientident. Username = 'xalion ') and (clientident. Password = '000000') Then // you can use the permission library to authenticate the client.
Begin
Perm: = [mwapread, mwapwrite, mwapdelete, mwapexecute, mwapinternalexecute] // different server access permissions can be subdivided here
End;
End;

At the same time, set the earlyauthentication of kbmmwserver to true.

The server is complete and can be compiled and run.

 

Now let's look at the client. We also need to add a tkbmmwdcp2crypt and set the crypt of kbmmwtcpindyclienttransport.

Kbmmwscp2crypt.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.