Ask a Question
Log In / Sign Up
Choose a Product Community
AlertSite
AQTime Pro
BitBar
Collaborator
CrossBrowserTesting
Cucumber Open Source
CucumberStudio
LoadComplete
LoadNinja
QAComplete
ReadyAPI
SoapUI Open Source
Swagger Open Source
SwaggerHub
Swagger Inspector
TestComplete
TestLeft
Zephyr Scale
Zephyr Squad
Zephyr Enterprise
Resources
Ask a Question
Log In Sign Up

sign and encrypt the request value?

SOLVED
Solved
prometheus
Occasional Contributor
‎10-10-2021 09:29 AM
‎10-10-2021 09:29 AM

sign and encrypt the request value?

Dear all

 

I need to test a REST API via HTTPS, 

Between communication with server, certificate , encryption , decryption sometimes are necessary.

 

There are several input values in a request,

one of the requests should be signed with the private key.

Another value should  be encrypted with session key and the session key should be made by client.

 

How could I handle this kind of request? Use Event Handler?

 

Thanks 

 

kind regrads

 

Prometheus

How could I create a session key?

 

 

 

0 Kudos
2 REPLIES 2
richie
Community Hero
Community Hero
‎10-11-2021 11:48 AM
‎10-11-2021 11:48 AM

Hey @prometheus,

I will respond properly in a little while if no one else has answered. Sorry. Still stuck in work

Cheers

Rich
if this helped answer the post, could you please mark it as 'solved'? Also if you consider whether the title of your post is relevant? Perhaps if the post is solved, it might make sense to update the Subject header field of the post to something more descriptive? This will help people when searching for problems. Ta
0 Kudos
richie
Community Hero
Community Hero
‎10-11-2021 01:22 PM
‎10-11-2021 01:22 PM

Hey @prometheus,

To answer your specific question:
No, i wouldnt expect you to use event handlers to do anything related to your authentication/authorisation.

We'd need A LOT more information before we could give specifics (so the more info you provide, the more effective people's help will be) cos the subject of authentication/authorisation is huge and there are many different ways of doing the same thing.

For example. You mention that one of your requests needs to be signed by a private key. I once tested something i was told also needed signing by a private key. So when i thought about private keys i started thinking "ok so there must be a public key component, so we're talking some usage of assymetric encryption, blah, blah, blah", but in the end i discovered there was a private key (an alpha numeric value) that was added as an HTTP header all the hashing and subsequent process needed to generate the signature was completely bastracted out and i didnt have to do anything except add a value to a header....That was it!

I kmow i havent helped per se, but hopefully ive given a bit of context.

Ta

Rich

if this helped answer the post, could you please mark it as 'solved'? Also if you consider whether the title of your post is relevant? Perhaps if the post is solved, it might make sense to update the Subject header field of the post to something more descriptive? This will help people when searching for problems. Ta
Subscribe
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: