Hi all, I am making a webapp that lets user keep track of hours, an overview of projects and related clients. Instead of the traditional page refresh model to add/get data I want to use coldfusion webservies (access='remote' and JSON)to add/get/update data. I wonder what are the security issues involved? I read somewhere access='remote' should be used as little as possible so as not to expose business logic. What about this: have a 'proxy' cfc function with access='remote' that sits between the outside world an the cfc's. So a call to any function (wit access='private')should be a call to this 'proxy' function that in turn calls the intendend function, let it do its job and returns data to the requesting website. Is this approach more secure or does it only add an extra layer of complexity? I'm curious what you think. Thanks
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;160198600;22374440;w Archive: http://www.houseoffusion.com/groups/CF-Community/message.cfm/messageid:256001 Subscription: http://www.houseoffusion.com/groups/CF-Community/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.5
