To: Heading_
Smallsite Design logo (SD) 390x390px

Smallsite Design

Technology

Accessing the license server

!

Licenses are the key to operation and a domain is assigned to them. Domains are unique, so that provides a means of restricting who can access the license server.

The process relies upon that once the server knows the domain name, it can communicate directly with that domain's site, so the site requests some information from the server by telling it its domain name. The server knows all the valid domains, so an unknown domain's site cannot get any information from the server. A site could send a request on behalf of another domain, but any response will be sent to that other domain instead. Hence the server will only send information to a legitimate domain.

However, a little bit of handshaking is required to ensure that both are dealing with the same request. For this, the requesting site sends a 256bit ID with the domain name. The site checks every second for 30 seconds for a reply that uses that ID. If no reply is received in that time, it deletes its request ID.

The server sends back the request ID and its own 256bit transaction ID. It then checks every second for 30 seconds for a reply. If none is received, it deletes the transaction ID. The site checks if there is a match to its request ID, and if so, sends the server's transaction ID with the request details for the information required.

The server checks if there is a match to the transaction ID, and that the request details are valid. If they are, it replies with the transaction ID and the information. The site checks for a match to the transaction ID and if so, processes the information. If anything is invalid either end, the process ends completely, with no more requests or responses.

This process ensures that any response to a request is only sent to the domain cited in the request after being verified as a valid domain, and that a site ignores any response to a request that it did not originate. The https protocol ensures the codes cannot be accessed in transit. Except for its management pages and valid information requests, any access to the license server is ignored or greeted with a 503 code.

To save using the overhead of such a handshake mechanism for a site to find out what versions are available, they are listed in a file in the license server root, and it is requested when a master manager goes to the Work list page. This is so an indicator that a new version is available can be shown next to the Versions button. However, when they visit the Versions page, the handshake is used to get more in-depth information about each version.

The license code is not required for getting new versions because the transaction is guaranteed to be valid without it by using the handshake, but other license operations will require it be entered on the Site page.

LinksLatest articles&Subsite links

Powered by   Smallsite Design  ©Smallsite™  Privacy   Manage\