Security

Philip Helger edited this page Jun 5, 2019 · 1 revision

Security considerations

As the SMP is publicly available on HTTP port 80 and does not require a client certificate or anything similar, the modifying actions in particular (HTTP PUT, POST and DELETE) must be handled with special care to avoid man-in-the-middle attacks. Even though HTTP BasicAuth is used, this does not really add security: the username and password are only Base64 encoded, which is easily decoded, and are therefore vulnerable to man-in-the-middle attacks.

The recommended scenario is to additionally configure the SMP to run on HTTPS (on any port other than 80) and to perform the modifying actions only via HTTPS. BasicAuth is still required, but the data is not readable by third parties because of the underlying transport security. This is something that is currently technically not available but should be used as a convention when running an SMP with this implementation.
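One way to enforce this convention in front of the SMP, as an added example that is not part of the SMP code base: a WSGI middleware that refuses PUT, POST and DELETE requests that did not arrive over HTTPS. The WSGI front end, the class and function names, the stub application and the `X-Forwarded-Proto` handling are assumptions of this example.

```python
from wsgiref.util import setup_testing_defaults

MODIFYING_METHODS = frozenset({"PUT", "POST", "DELETE"})  # as listed on this page


class HttpsOnlyForModifyingActions:
    """WSGI middleware (hypothetical name): refuse modifying requests not received via TLS."""

    def __init__(self, app, trust_forwarded_proto=False):
        self.app = app
        # Enable only behind a trusted TLS-terminating proxy that overwrites this header.
        self.trust_forwarded_proto = trust_forwarded_proto

    def _is_https(self, environ):
        if self.trust_forwarded_proto:
            proto = environ.get("HTTP_X_FORWARDED_PROTO", "")
            return proto.split(",")[0].strip().lower() == "https"  # absent header fails closed
        return environ.get("wsgi.url_scheme") == "https"

    def __call__(self, environ, start_response):
        method = environ.get("REQUEST_METHOD", "").upper()
        if method in MODIFYING_METHODS and not self._is_https(environ):
            # Design choice of this example: reject rather than redirect, so a client
            # that sends BasicAuth credentials over plain HTTP fails visibly.
            body = b"Modifying actions are only accepted via HTTPS.\n"
            start_response("403 Forbidden", [("Content-Type", "text/plain"),
                                             ("Content-Length", str(len(body)))])
            return [body]
        return self.app(environ, start_response)


def smp_stub(environ, start_response):
    """Stand-in for the real SMP application (constructed for this example)."""
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"ok\n"]


def status_for(app, method, scheme, headers=None):
    """Send one constructed request through `app` and return the status line."""
    environ = {"REQUEST_METHOD": method, "wsgi.url_scheme": scheme}
    setup_testing_defaults(environ)  # fills the remaining required WSGI keys
    environ.update(headers or {})
    seen = []
    list(app(environ, lambda status, hdrs: seen.append(status)))
    return seen[0]


if __name__ == "__main__":
    guarded = HttpsOnlyForModifyingActions(smp_stub)
    for method, scheme in [("GET", "http"), ("PUT", "http"), ("PUT", "https")]:
        print(method, scheme, "->", status_for(guarded, method, scheme))
```
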

For a future release it may be of value to present the modifying actions under a separate path prefix (e.g. /secure), which can then easily be used to forward all HTTP requests on /secure/* to HTTPS automatically.

Currently the following predefined paths are available outside the minimum REST API:

  • /stream
  • /public
  • /secure
  • /ajax
  • /resbundle
  • /smp-status
  • /error
  • /logout
  • /favicon.ico