This is what we've done. Just use SSL and pass arguments into each method call but don't call them "username" and "password" as CF (if that's the client machine's platform) will instead pass these along as http basic authentication (which, btw, you don't want to use as a CF client will cache the authentication and potentially give everyone on the remote box access to your webservice). Call them wsusername and wspassword or something similar.
On 4/16/07, Tom Chiverton <[EMAIL PROTECTED]> wrote: > On Monday 16 Apr 2007, Robert Rawlins - Think Blue wrote: > > I am a little worried about putting too much overhead on this as they could > > potentially get quite busy, am I ok to simple request a username and > > password argument into the service and use that to authenticate the user? > > Could do - make sure you are running over SSL though so know one can see the > passwords go past. > > > IP in my database as they're all sat on static lines. I feel that querying > > the database every time the client accesses the service is a little > > sluggish, but perhaps not. > > I wouldn't expect it to be slow. If, as you say, it's fairly busy then the > query results will be in the database servers query cache. > You could set the cache options in the CFQUERY tag too of course. > > -- > Tom Chiverton > Helping to greatly exploit impactful markets > on: http://thefalken.livejournal.com > > **************************************************** > > This email is sent for and on behalf of Halliwells LLP. > > Halliwells LLP is a limited liability partnership registered in England and > Wales under registered number OC307980 whose registered office address is at > St James's Court Brown Street Manchester M2 2JF. A list of members is > available for inspection at the registered office. Any reference to a partner > in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by > the Law Society. > > CONFIDENTIALITY > > This email is intended only for the use of the addressee named above and may > be confidential or legally privileged. If you are not the addressee you must > not read it and must not use any information contained in nor copy it nor > inform any person other than Halliwells LLP or the addressee of its existence > or contents. If you have received this email in error please delete it and > notify Halliwells LLP IT Department on 0870 365 8008. > > For more information about Halliwells LLP visit www.halliwells.com. > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Create Web Applications With ColdFusion MX7 & Flex 2. Build powerful, scalable RIAs. Free Trial http://www.adobe.com/products/coldfusion/flex2/?sdid=RVJS Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275372 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
