Increasingly we are using Web Services to communicate between NAV companies.  In a production environment these communication is usually secured by the SSL standard. When the communication is sent over the Internet I would recommend that a secure ping be added before every communication to make sure that the correct machines are speaking together.

The payment service module in NAV 2013 R2 has an encryption functionality.  I am using this functionality every time that I store user names and passwords in the database. This encryption functionality is based on the key located in the Online Service add-in folder.

KeyLocation

You can copy the Providerkey.key file from one server to another or use the Payment Service Connection Setup page to upload, download, delete and to create a new key.

EncryptionSetup

Create a function and add to you web service.

EncryptedPingWebService

 

The encrypted string is then decrypted and compared with the original string sent.

EncryptedPing

The EncryptionMgt refers to Codeunit 824.  A possibility to add the secret as a parameter to every web service call and skip the preceding ping function.  The code examples can be downloaded from Objects4NAV.

 

Leave a Reply

%d bloggers like this: