Thanks for your reply cutter, i have a couple of questions regarding your processes:
1) how do you check whether the request is being made over an SSL - i suspect it is checking whether https is in the request but how do you get hold of this from within a web service? 2) how do you set up the folder of the service to require authentication? and then how does the client handle getting through this. if you have an example i would be very grateful. we are using ajax to call the web services to i am a little confused how this would work thanks very much >Richard, > >We recently implemented a few webservices for our parent company. When >doing these I took a multi-tier approach: > >1) folder of service requires authentication (web server) >2) Application in folder required the request be made over SSL >3) Application took authentication credentials from server auth, and >also verified against: > a) List of authorized users > b) DB check of authentication to system > This applied a role to the authenticated user, for which certain >services required specific roles for access as well. > >This is how we've handled this particular access. A lot of the data >being returned from the service is also encrypted, providing another >layer of security. > >Using Ajax for these services, you may also want to review this article >from Ray Camden, >http://www.coldfusionjedi.com/index.cfm/2007/7/31/ColdFusion-8-Ajax-Security-Features. > >Steve "Cutter" Blades >Adobe Certified Professional >Advanced Macromedia ColdFusion MX 7 Developer >_____________________________ >http://blog.cutterscrossing.com > >Richard White wrote: >> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;207172674;29440083;f Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:315135 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
