I first looked into this and than we decided to simply run authentication over SSL to protect our services. In our situation, the amount of development didn't justify the end result.
We also found that even with the Java upgrade to allow the Encrypt tag more functionality, we had problems as .NET defaults to UTF-16 whereas CF uses UTF-8 which can play havoc while passing encoded initialization vectors and encrypted strings. If you end up trying to conquer this, let me know and I'd be happy to work on this with you. Cheers, !k -----Original Message----- From: Mike Kear [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 03, 2007 5:50 PM To: CF-Talk Subject: WSE Security - anyone have any experience with it? My client has asked for advice on what the ramifications might be for his site if he shares content with another company who uses WSE Security. The content will require secure access - there's dollars being passed back and forth - and this other company is a .net site, and they use WSE security. So .. now II have to bone up on what it means for a CF7.0.2 enterprise/Win2003 environment. Can anyone point me at any resources so I can learn about it. preferably not anything from Microsoft I have the greatest difficulty learning anything from their documentation. -- Cheers Mike Kear Windsor, NSW, Australia Adobe Certified Advanced ColdFusion Developer AFP Webworks http://afpwebworks.com ColdFusion, PHP, ASP, ASP.NET hosting from AUD$15/month ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Create Web Applications With ColdFusion MX7 & Flex 2. Build powerful, scalable RIAs. Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJS Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:274499 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
