H+H Software GmbH
H+H Software GmbH
Deutsche Sprache English Language Login
  Business area | Reference customer | Case studies | Events | Contact | Terms | Imprint |
H+H Software GmbH
Home
Product overview
NetMan
NetMan Desktop Manager
HAN
Virtual CD
H+H Projects
our partners
H+H Events
Events
H+H Service
H+H Support
Applications and their characteristics
Knowledgebase
PDF Documents
H+H Image Database
Newsletter
Knowledgebase-Eintrag #3664 HAN.V5
HAN header authentication
HAN 5 offers header authentication as an additional e-script property.

Configure this setting only if requested by HAN Support or the provider!

The idea behind header authentication is that HAN can send unique information to providers that make the use of resources by customers and their end users transparent. The header option also serves as an additional option for access differentiation and authentication.

The information to be sent can be determined in consultation with the provider. For security reasons, you can use a hash to protect the sent values from external changes. A salt is defined for this, which is only known to the provider and the HAN server. The individual values are:

  • S: FQDN of the HAN server
  • U: Hash of the user currently logged on to HAN (the name can also be sent in clear text in consultation with the customer)
  • T: Time stamp (UTC) format is year, month, day, hour, minute, seconds
  • H: Hash over a salt (determined by both sides) and the header variables used. SHA1 or MD5 can be used. The value is generated as follows: Hash(Salt+S=X&U=Y&T=Z)

In addition, the HAN server can tell in a separate header or as a further variable whether the access took place internally or externally. For this purpose, the HAN stores which IP addresses are considered internal.

The header can be sent in plain text or Base64 encoded. The name of the header is also freely configurable.

An example of such a headar could be: X-HANAuth: S=handemo.hh-software.com&U=%7BSHA%7DEsCoJc%2F7Y9QI2uqbmY%2FA0HYPc3E%3D&T=20190130145612&H=%7BSHA%7DSHUyCaDxGLsH9W1G0zWbNk2VIVI%3D

If you are interested, please contact H + H, who will establish a contact with the provider. A list of providers which already support this will be available shortly.

08.07.20, Hartmut Mäcker
Knowledgebase
Search:

Knowledge area: