Yes, but what if use SOAP over a different transport protocol? Just curious...
-----Original Message----- From: Steve Parker [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 28, 2003 1:01 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: Web Service Model - Security Issues i guess one would protect SOAP from DOS attacks using the same techniques as one would use to protect HTTP from such attacks, right? and, regarding authentication/authorization of web services... look at the SAML (Security Assertion Markup Language) OASIS standard (www.oasis-open.org). On Tue, 28 Jan 2003 18:44:53 +0000, Nicolas Dinh wrote > <soap:address DIV <soap:binding DIV <soap:body DIV <soap:body DIV Hi, > > <soap:address DIV <soap:binding DIV <soap:body DIV <soap:body DIV > I'm still quite new to all of this. But from what I understand, one > of the main goals of using a Web Service Model is to essentially > make its interface universal and accessible to anyone. > > <soap:address DIV <soap:binding DIV <soap:body DIV <soap:body DIV > How does one protect one's Web Service from malicious attacks. One > that comes into mind and can be done quite easily is flooding a Web > Serice with SOAP calls. If the scope of the AXIS Web Service is per > request, then the Web Servicee object is instantiated every time a > SOAP call is made and can put quite a load or even crash the server > that is hosting the Web Service? > > <soap:address DIV <soap:binding DIV <soap:body DIV <soap:body DIV > Regards, > > <soap:address DIV <soap:binding DIV <soap:body DIV <soap:body DIV > Nicolas Dinh > > ----------------------------------------------------------------------- > Help STOP SPAM with the new MSN 8 and get 2 months FREE*
