Using Delphi to develop multi-layer applications (10) Secure Access Server

I have discussed how to create and access the server, but the server created previously has no security control. There are a lot of security issues. First, anyone who works as a client can access the server.

Server. Second, data is clearly coded during network transmission and is not encrypted. You can use the network listener to detect the transmitted content. This is not allowed by a standard system. Today

Let's talk about how to securely access the server.

First, we need to use encryption to ensure the security of data transmitted over the network. First, we need to add a tkbmmwdcp2crypt on the server. This is the encapsulation of dcp2crypt by kbmmw,

Dcp2crypt is an open-source library for encryption and verification implemented by Pascal. Kbmmw uses it to encrypt data during network transmission.

In tkbmmwtcpipindyservertransport, set crypt to kbmmwdcp2crypt1.

In addition, we need to authenticate the client through the user name and password. In the Server Authentication event, add the following code:

Procedure tform1.kbmmwserver1authenticate (Sender: tobject;
Clientident: tkbmmwclientidentity; var perm: tkbmmwaccesspermissions );
Begin
If (clientident. Username = 'xalion ') and (clientident. Password = '000000') Then // you can use the permission library to authenticate the client.
Begin
Perm: = [mwapread, mwapwrite, mwapdelete, mwapexecute, mwapinternalexecute] // different server access permissions can be subdivided here
End;
End;

At the same time, set the earlyauthentication of kbmmwserver to true.

The server is complete and can be compiled and run.

 

Now let's look at the client. We also need to add a tkbmmwdcp2crypt and set the crypt of kbmmwtcpindyclienttransport.

Kbmmwscp2crypt.