I'm I understanding this right? If you authenticate to a webservice via passing username and password as params, you should probably do it over SSL or some such, becuase it would be in plain text over http, correct?
I'm just starting to toy with the idea of webservices, esp. since Flex and laszlo seem to prefer them for getting/sending data(?). The authentication is what's stumping me, besides a general lack of knowledge. In my head I guess I'm picturing passing around sesh tokens to the webservices and if the webservice responds with "not authenticated" instead of data, popping up some type of authenticaion window. I was impressed* by Geoff's(sp?) Flex and CF in 10 demo, but was watching it while cooking, so I'm not sure if I missed parts about authentication. *it and the farcry demo were top notch. Nice stuff folks! I'll go back and check it out, but I guess I was just wondering if my ideas about webservices are way off, which I suspect is the case. I'm thinking of them as RSS feed-like... sorta missing the object part, I guess? Bah. I think I just need to do far more research into this area... :D ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Message: http://www.houseoffusion.com/lists.cfm/link=i:4:242512 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
