You can either pass the username and password with each service call, or you can roll your own way of managing sessions. However, there is no real difference between passing a username/password and passing a token.

If you are trying to keep session-based objects, you are going to have to build an architecture to do so. I've been drawing out some designs for that sort of thing; if you are interested, hit me up offline.

-adam

> -----Original Message-----
> From: Marlon Moyer [mailto:[EMAIL PROTECTED]
> Sent: Thursday, April 22, 2004 07:26 PM
> To: 'CF-Talk'
> Subject: Web Services
>
> I'm trying to experiment with web services and I've already run into my
> first conundrum. It seems that the basic principle of web services
> dictates a stateless design. So how do you maintain security in your
> services? Say you have a time sheet program and the flow goes something
> like this:
>
> 1. Enter site.
> 2. Log into system.
> 3. Enter new time into system.
> 4. Review old records.
> 5. Edit previous entry.
>
> Does this mean that for steps 2 through 5 you'll be sending the
> user/password combo so that each call can be authenticated?  I've
> thought that maybe step 2 could return a connection id that you could
> sub for the user/password combo.....
>
> --
> Marlon Moyer, Sr. Internet Developer
> American Contractors Insurance Group
> phone: 972.687.9445
> fax: 972.687.0607
> mailto:[EMAIL PROTECTED]
> www.acig.com
>
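The "connection id" idea from the question, sketched as an added example that is not part of the original thread: step 2 checks the password once and returns a signed, expiring token, and steps 3 to 5 present that token instead of the user/password combo while the service itself keeps no session state. The user store, secret, lifetime and function names are all constructed for illustration.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-key"  # assumption: server-side secret, never sent to clients
TTL = 900                         # assumption: token lifetime in seconds

def _pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed user store: salt plus PBKDF2 hash, no plaintext passwords.
USERS = {"marlon": (b"demo-salt", _pw_hash("s3cret", b"demo-salt"))}

def _sign(body):
    return hmac.new(SECRET, body, hashlib.sha256).hexdigest()

def login(user, password, now=None):
    """Step 2: verify the password once and hand back a signed token."""
    now = time.time() if now is None else now
    rec = USERS.get(user)
    if rec is None or not hmac.compare_digest(_pw_hash(password, rec[0]), rec[1]):
        return None
    claims = json.dumps({"sub": user, "exp": int(now) + TTL}).encode()
    body = base64.urlsafe_b64encode(claims)
    return body.decode() + "." + _sign(body)

def authenticate(token, now=None):
    """Steps 3-5: each call presents the token; returns the user or None."""
    now = time.time() if now is None else now
    try:
        body, sig = token.split(".")
        # Check the signature before trusting anything inside the token.
        if not hmac.compare_digest(sig, _sign(body.encode())):
            return None
        claims = json.loads(base64.urlsafe_b64decode(body))
    except (ValueError, TypeError, AttributeError):
        return None  # malformed, truncated or non-string token
    return claims["sub"] if claims["exp"] > now else None

def add_time_entry(token, hours, now=None):
    """A service operation that authenticates every call on its own."""
    user = authenticate(token, now)
    if user is None:
        raise PermissionError("invalid or expired token")
    return {"user": user, "hours": hours}
```

The token is a bearer credential, so it needs the same transport protection (TLS) as the password would; what changes is that it expires and the password itself is sent only once.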