In general, you want web services to stick to what they do best and handle custom/specific security requirement/issues outside of them. Such an approach could including installing a proxy server or firewall (hardware or software) between the web service server and the web services consumers.
Bear in mind that your rarely can you "have your cake and eat it" when it comes to robust security solutions. Generally - it's *all* or nothing. Otherwise, you introduce exceptions and workarounds that ultimately defeat the original intent...plus break your existing application. :) This is not a U2 Web Services specific issue, but impacts similar such products and middleware as well. Some have built-in security like ACLs or IP-address restrictions at the service/provider and/or queue-level. Regards, David -----Original Message----- From: u2-users-boun...@listserver.u2ug.org [mailto:u2-users-boun...@listserver.u2ug.org] On Behalf Of David Jordan Sent: Friday, 5 June 2009 2:50 PM To: U2 Users List Subject: Re: [U2] Web services The Web Services Developer is very quick and easy to set up a service talking to a Basic Subroutine. The only issue I have is the authorisation and why in the past I have used .Net. I was trying to work out whether PAM/LDAP could be used as it is available with UniVerse 10.3, but there is little documentation. Regards David Jordan _______________________________________________ U2-Users mailing list U2-Users@listserver.u2ug.org http://listserver.u2ug.org/mailman/listinfo/u2-users ************** IMPORTANT MESSAGE ***************************** This e-mail message is intended only for the addressee(s) and contains information which may be confidential. If you are not the intended recipient please advise the sender by return email, do not use or disclose the contents, and delete the message and any attachments from your system. Unless specifically indicated, this email does not constitute formal advice or commitment by the sender or the Commonwealth Bank of Australia (ABN 48 123 123 124) or its subsidiaries. We can be contacted through our web site: commbank.com.au. If you no longer wish to receive commercial electronic messages from us, please reply to this e-mail by typing Unsubscribe in the subject line. ************************************************************** _______________________________________________ U2-Users mailing list U2-Users@listserver.u2ug.org http://listserver.u2ug.org/mailman/listinfo/u2-users
