That was my understanding as well is that it wouldn't work in IE. I'm
curious what the username/password attributes in cfinvoke check against.
Anyone know?
John
-----Original Message-----
From: Mark W. Breneman [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 03, 2004 1:18 PM
To: CF-Talk
Subject: RE: Password protect a webservice
Just a FYI for everyone. Looks like passing a user name and password to
the webservice using <https://bob:[EMAIL PROTECTED]>
https://bob:[EMAIL PROTECTED]/getdata.cfc using folder / file security
on the webserver does work with Office XP Web Services Toolkit 2.0.
The only question I have is how does IE latest security "fix" work with
this? It is my understanding that IE will no longer correctly deal with
the user/pass in the URL. Cumulative Security Update for Internet
Explorer (832894)", which disables the user:pass@ way of authentication.
Does this
also apply to Microsoft Office XP Web Services Toolkit 2.0 in this
case MS
access or the VB editor in access?
Mark W. Breneman
-Cold Fusion Developer
-Network Administrator
Vivid Media
[EMAIL PROTECTED]
www.vividmedia.com <http://www.vividmedia.com/>
608.270.9770
_____
From: Cutter (CF-Talk) [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 03, 2004 9:58 AM
To: CF-Talk
Subject: Re: Password protect a webservice
Mark,
I haven't dived into it too deeply yet, but there is the "roles"
attribute of cffunction. This is specifically for securing webservices,
and though I haven't looked at it thoroughly yet I would imagine that it
is tied into roles set through cflogin...
Cutter
Mark W. Breneman wrote:
> Any one?
>
>
> Mark W. Breneman
> -Cold Fusion Developer
> -Network Administrator
> Vivid Media
> [EMAIL PROTECTED]
> www.vividmedia.com <http://www.vividmedia.com/>
> 608.270.9770
>
> _____
>
> From: Mark W. Breneman [mailto:[EMAIL PROTECTED]
> Sent: Monday, August 02, 2004 4:33 PM
> To: CF-Talk
> Subject: Password protect a webservice
>
> Is there a standard way to secure a web service? I have a client that
wants
> to download user data through a web service. I know that we can use
SSL to
> secure the transfer but is there a way to password protect the web
serice.
>
> Oh, and the client plans on accessing this data from MS access. I need
to
> make sure that access can deal with what ever security I use.
>
> Mark W. Breneman
> -Cold Fusion Developer
> -Network Administrator
> Vivid Media
> [EMAIL PROTECTED]
> www.vividmedia.com <http://www.vividmedia.com/>
> 608.270.9770
> _____
>
_____
[Todays Threads]
[This Message]
[Subscription]
[Fast Unsubscribe]
[User Settings]
[Donations and Support]
- Password protect a webservice Mark W. Breneman
- RE: Password protect a webservice Mark W. Breneman
- Re: Password protect a webservice Ben Doom
- Re: Password protect a webservice Jochem van Dieten
- Re: Password protect a webservice Cutter (CF-Talk)
- RE: Password protect a webservice Mark W. Breneman
- RE: Password protect a webservice Burns, John D
- RE: Password protect a webservice Mark W. Breneman