The key implementation changed recently to be less "complicated".

Security Service setup

This wiki page explains how to create a security key, which is needed to enable the security service.

Choose a “private” key and client ID

First you need a database with a table to store the client ID and a "private" key

  • “private” key: <myprivatekey>
  • client_id: <myclientid>

To store the client ID and API key create a table in a PostgreSQL database and insert the "private" key(s) with client ID, for example:

auth=# CREATE TABLE users(id serial, client_id text NOT NULL, key text NOT NULL); 

auth=# INSERT INTO users(client_id,key) VALUES('routing','1234567890abcdefghi');

Generate additional request parameters

  • signature: md5(<myclientid>)
  • api_key: md5(<myclientid>)

Configure service

Before starting the service you need to add the security service in configuration.xml to each provider that should require authentication:

<service name="security" title="Security" enable="true">
	<description>Authentication service</description>

	<connection driver="org.postgresql.Driver">

		<query transformProjectionIn="false" transformProjectionOut="false">SELECT client_id, key FROM users</query>		

		<parameter name="api_key" type="text" codename="api_key" required="true" />
		<parameter name="signature" type="text" codename="signature" required="true" />
		<parameter name="id" type="text" codename="id" required="true" />