Hi Guys,
I'm looking for the best method to secure a web service so that it can only be accessed by particular clients. The service simply returns and XML structure but some of the data contained can be quite sensitive and I'd rather keep it as safe as possible. I am a little worried about putting too much overhead on this as they could potentially get quite busy, am I ok to simple request a username and password argument into the service and use that to authenticate the user? Or is there something better I can do. I will also have access to the users IP in my database as they're all sat on static lines. I feel that querying the database every time the client accesses the service is a little sluggish, but perhaps not. The goal is to maintain something secure that is also efficient and fast so the client isn't sat waiting for data to be returned to them. Thanks for any advice on the subject. Rob ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Create robust enterprise, web RIAs. Upgrade & integrate Adobe Coldfusion MX7 with Flex 2 http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJP Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275365 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
