通过HTTPS进行M2M通信 - 如何进行身份验证?
I'm currently working on a PHP portal for a machine-seller. His machines are capable of communicating over the internet with an integrated SBC with LAN port. The consumers who bought a machine can 如何在我的ExpertOption帐户中存入资金? configure it online after they logged in to the machine-sellers-portal.
After they configured it online, they can download the configuration file via the HMI (touch display 如何在我的ExpertOption帐户中存入资金? at the machine itself) to the machine. The configuration file contains valuable and private information. The HMI is not browser based. It's a binary application that has, for example, a button "如何在我的ExpertOption帐户中存入资金? Load config". The rest has to be done in bash/php-scripts in the backround.
Solution for authentication?
I'm in a very early state of conception, but I'm wondering about some processes. I'如何在我的ExpertOption帐户中存入资金? ve never had a machine thats needs access to my services, only humans. What is the way to do this actually?
I have three approaches:
1. Access with "API-Key"
Means: In 如何在我的ExpertOption帐户中存入资金? the OS of the SBC lies a file containing a sequence like 8asd7d7d . When I receive a GET -request to portal.company.com/getConfig/8asd7d7d I know from which machine it comes and that it is allowed to receive this config.
Disadvantage: The buyer has access to the SBCs file system. He could destroy the file by accident. He could 如何在我的ExpertOption帐户中存入资金? find out the generating scheme 如何在我的ExpertOption帐户中存入资金? and download configuration files from other buyers.
2. Generating one-time UUID-URL
Means: The consumer creates his configuration online. After that, he gets displayed a one-time URL like portal.company.com/getConfig/d8ac2292ea1fec3fe5c65e6ef573 which he can enter in the HMI and load the file.
Disadvantage: The consumer has to type a long 如何在我的ExpertOption帐户中存入资金? URL into the display of the HMI.
3. Simulating the human authentication process
Means: The machine sends a valid post-request to portal.company.com/login with the login-data of its human owner. It gets a session-cookie (is that even possible in a non-browser environment like pure PHP-scripts?!) and the portal logic knows which URLs are accessible and which not (like for a human visitor).
Any 如何在我的ExpertOption帐户中存入资金? other/better ideas?
I tend to use solution 2 as it's relatively easy to implement and hopefully secure (lets pretend a sha512-string as URL-parameter). Do you have any better suggestions? Mind, that the other way round is not 如何在我的ExpertOption帐户中存入资金? possible, the portal can not 如何在我的ExpertOption帐户中存入资金? actively push data to the machine (as it has no fixed IP, no webserver, . )
Windows上的Behat - 截图
I've got several Behat 如何在我的ExpertOption帐户中存入资金? tests that take screenshots using something similar to this:
Does anyone know of a Behat plugin or extension that can compare two screenshots? And it must work on Windows.
图片转代码服务由CSDN问答提供
$ driver-> getWebDriverSession() - > screenshot();
有没有人知道可以比较的Behat插件或扩展程序 两个截图? 它必须在Windows上运行。
微信扫一扫
2条回答 默认 最新
相关推荐 更多相似问题
回答 3 已采纳 If the issues is not from the yml setup then you might have some custom code in the FeatureContext
回答 1 已采纳 In Behat2, Given/When/Then classes were used for step chaining. Since this technique 如何在我的ExpertOption帐户中存入资金? brought more
回答 2 已采纳 It turns out that I had followed several out of date tutorials which used an old, unmaintained 如何在我的ExpertOption帐户中存入资金? 如何在我的ExpertOption帐户中存入资金? ver
这个 repo 的目的是让使用 behat 变得非常容易。 离开这个仓库你需要做的就是 Selenium Jar 文件下载 作曲家 Saucelas 帐户(可选) 安装和设置这些项目后,您将能够在本地或通过 Saucelas 运行测试,并根据需要.
weixin_39526238的博客 如题codeception 单元测试 Undefined index: HTTP_HOST 报错测试驱动代码:commonconfigmain.php 跨域登陆代码 :测试驱动运行到common\config\main.php时 报 Undefined index: HTTP_HOST 错误 请问如何解决.