first conundrum. It seems that the basic principle of web services
dictates a stateless design. So how do you maintain security in your
services. Say you have a time sheet program and the flow goes something
like this:
1.enter site.
2.log into system
3.enter new time into system
4.review old records.
5.edit previous entry
Does this mean that for steps 2 through 5 you'll be sending the
user/password combo so that each call can be authenticated? I've
thought that maybe step 2 could return a connection id that you could
sub for the user/password combo.....
--
Marlon Moyer, Sr. Internet Developer
American Contractors Insurance Group
phone: 972.687.9445
fax: 972.687.0607
mailto:[EMAIL PROTECTED]
www.acig.com
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]