still use the username / password in the URL line even after I applied all
of the IE patches. Wonder if Office XP Web Services Toolkit has the same
security issues the IE has. Not that it will be an issue for this
application.
<https://bob:[EMAIL PROTECTED]/getdata.cfc?wsdl>
https://bob:[EMAIL PROTECTED]/getdata.cfc?wsdl
Mark W. Breneman
-Cold Fusion Developer
-Network Administrator
Vivid Media
[EMAIL PROTECTED]
www.vividmedia.com <http://www.vividmedia.com/>
608.270.9770
_____
From: Burns, John D [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 03, 2004 1:35 PM
To: CF-Talk
Subject: RE: Password protect a webservice
That was my understanding as well is that it wouldn't work in IE. I'm
curious what the username/password attributes in cfinvoke check against.
Anyone know?
John
-----Original Message-----
From: Mark W. Breneman [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 03, 2004 1:18 PM
To: CF-Talk
Subject: RE: Password protect a webservice
Just a FYI for everyone. Looks like passing a user name and password to
the webservice using <https://bob:[EMAIL PROTECTED]>
https://bob:[EMAIL PROTECTED]/getdata.cfc using folder / file security
on the webserver does work with Office XP Web Services Toolkit 2.0.
The only question I have is how does IE latest security "fix" work with
this? It is my understanding that IE will no longer correctly deal with
the user/pass in the URL. Cumulative Security Update for Internet
Explorer (832894)", which disables the user:pass@ way of authentication.
Does this
also apply to Microsoft Office XP Web Services Toolkit 2.0 in this
case MS
access or the VB editor in access?
Mark W. Breneman
-Cold Fusion Developer
-Network Administrator
Vivid Media
[EMAIL PROTECTED]
www.vividmedia.com <http://www.vividmedia.com/>
608.270.9770
_____
From: Cutter (CF-Talk) [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 03, 2004 9:58 AM
To: CF-Talk
Subject: Re: Password protect a webservice
Mark,
I haven't dived into it too deeply yet, but there is the "roles"
attribute of cffunction. This is specifically for securing webservices,
and though I haven't looked at it thoroughly yet I would imagine that it
is tied into roles set through cflogin...
Cutter
Mark W. Breneman wrote:
> Any one?
>
>
> Mark W. Breneman
> -Cold Fusion Developer
> -Network Administrator
> Vivid Media
> [EMAIL PROTECTED]
> www.vividmedia.com <http://www.vividmedia.com/>
> 608.270.9770
>
> _____
>
> From: Mark W. Breneman [mailto:[EMAIL PROTECTED]
> Sent: Monday, August 02, 2004 4:33 PM
> To: CF-Talk
> Subject: Password protect a webservice
>
> Is there a standard way to secure a web service? I have a client that
wants
> to download user data through a web service. I know that we can use
SSL to
> secure the transfer but is there a way to password protect the web
serice.
>
> Oh, and the client plans on accessing this data from MS access. I need
to
> make sure that access can deal with what ever security I use.
>
> Mark W. Breneman
> -Cold Fusion Developer
> -Network Administrator
> Vivid Media
> [EMAIL PROTECTED]
> www.vividmedia.com <http://www.vividmedia.com/>
> 608.270.9770
> _____
>
_____
_____
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
