Hi Michael, Pascal is right in the fact that the web server is typically the first line of defense. That said, most of the web server's defenses include headers that you can read.
I prefer things like SAML2, Grid Certificates, Kerberos, etc. This enables people better qualified to verify the personal issues to simply tell ERRest are they telling the truth. V/R, Dan Beatty -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Pascal Robert Sent: Thursday, December 05, 2013 5:39 AM To: Michael Kondratov Cc: WebObjects Development Subject: Re: ERRest security Nothing special. It's just plain HTTP, so the usual stuff applies: SSL, security in Apache (mod_security or other module), Digest auth, tokens, etc. ----- Mail original ----- De: "Michael Kondratov" <[email protected]> À: "WebObjects Development" <[email protected]> Envoyé: Mercredi 4 Décembre 2013 21:54:43 Objet: ERRest security Does any one on the list have much experience with ERRest security. I am worried about possible injection DDoS attacks etc. Any pointers? Michael Kondratov _______________________________________________ Do not post admin requests to the list. They will be ignored. Webobjects-dev mailing list ([email protected]) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/webobjects-dev/probert%40macti.ca This email sent to [email protected] _______________________________________________ Do not post admin requests to the list. They will be ignored. Webobjects-dev mailing list ([email protected]) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/webobjects-dev/daniel.beatty%40navy.mil This email sent to [email protected]
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Do not post admin requests to the list. They will be ignored. Webobjects-dev mailing list ([email protected]) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com This email sent to [email protected]
