Secure or Not So Secure?

[Brian Polackoff]

Hey everyone I have thrown this idea around before with a few guys on this
list but have modified my methodology slightly and am now asking the full
community their thoughts. Is the below scenario secure or I am asking for
trouble?

Here is the code: Secure or not so secure? (No vpn or ssh tunnel, traffic is
right over the internet via SSL 2048bit between two CF 8 Servers)

<!--- CFM File Called from a web server in the southeast--->

<cfsavecontent variable="theQryTxt">
        Complicated query goes here
</cfsavecontent>

<cfinvoke
   method="MyMethodName"
   returnvariable="GetData"
   webservice="httpS://domainName.com/web_Services/myCFC.cfc?wsdl"
   refreshWSDL = "yes">

   <cfinvokeargument name="theDS"
value="the_Local_Data_Source_Of_The_CF_server">
   <cfinvokeargument name="theKey" value="a_Complicated_Secure_Password">
   <cfinvokeargument name="theQry" value="#theQryTxt#">

</cfinvoke>


<!--- the CFC on the remote system on a web server in the north west ---->
<cfcomponent>
      <cffunction name=" MyMethodName " access="remote" returntype="query">
                    
      <cfargument name="theDS" type="string" required="yes">
      <cfargument name="theKey" type="string" required="yes">
      <cfargument name="theQry" type="string" required="yes">
                
        
    <Cfif cgi.REMOTE_ADDR eq 'ONE_Public_IPaddress_of_the_Calling_CF_Server'
and theKey eq 'MYSECUREPASSWORD_over12CharactersETC...' >
        
        <cfquery name="RemoteData" datasource="#theDS#">
                        #PreserveSingleQuotes(theQry)#
        </cfquery> 
 <cfelse>
        <cfset RemoteData = queryNew("Fail","Integer")>
        <cfset newRow = QueryAddRow(RemoteData, 1)>
        <cfset temp = QuerySetCell(RemoteData, "Fail", '-1', 1)>
</Cfif>     

   <cfreturn RemoteData>
</cffunction>
</cfcomponent>


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive: 
http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:341059
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm