On Wed, Apr 25, 2012 at 12:20, Evelthon Prodromou <prodromou.evelt...@ucy.ac.cy> wrote: > I don't think the generated bitstream checksum can be used in this > case. The sum needed in lighttpd's case is the md5 sum of a > concatenated string. The string is made up of a secret pass, the file > name with a forward slash in front, and a time string that was > previously converted to it's hex value.
OK, I didn't know that. In that case, the approach I described won't work. You'd have to calculate the checksum in Java in an aspect and insert it into the DRI (the XML document processed by XSLT). You might be able to find an XSLT implementation of the MD5 algorithm, but I'd really avoid that. Also keep in mind that DSpace currently uses XSLT 1.0, not 2.0. > On the other hand i don't think one can trust the HTTP referer since it > can be manipulated. That's correct, although it must be done consciously by the client, there's no way of another site publishing a link that forces a client to use a different referer. I thought you only wanted to reduce load on your servers, not catch every single access. Regards, ~~helix84 ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech
