Hi,
no, you are not too cautious. All the information you send to/from your web service can be intercepted and read since it's xml / plain text. To solve this problem you have to use SSL.
This article (which I was just looking at 3 minutes ago) shows you how to do it:
http://www.samspublishing.com/articles/article.asp?p=24604
Regards, Tom
Plorks mail wrote:
Hi all
I'm calling a method from a web service and watching the soap being sent back and forth.
I'm passing through a password and noticed it's showing in the soap request
Am i able to stop this info from being shown?
Mant thanks for your help
Will someone be able to 'sniff' this info? Or am i bing over cautious?
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Body>
<getUserNamePassword soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<arg0 xsi:type="xsd:string">test</arg0>
<arg1 xsi:type="xsd:string">password</arg1>
</getUserNamePassword>
</soapenv:Body>
</soapenv:Envelope>
_________________________________________________________________
Use MSN Messenger to send music and pics to your friends http://messenger.msn.co.uk