> 1) how do you check whether the request is being made over an SSL - i suspect > it is > checking whether https is in the request but how do you get hold of this from > within a web > service?
You can read CGI variables from within a web service request, just like you would from within a regular page request. There are a couple of CGI variables that will provide this information. That said, I would second Tom's recommendation to simply configure the web server to require SSL for the folder containing the web service in question. > 2) how do you set up the folder of the service to require authentication? and > then how does > the client handle getting through this. if you have an example i would be > very grateful. we are > using ajax to call the web services to i am a little confused how this would > work Web server authentication is configured at, you guessed it, the web server. There are other sorts of authentication methods you can use, but they will be a bit more complicated. The client handles web server authentication by presenting a username/password dialog upon receipt of an authentication error; if the user has already authenticated, the browser will automatically send that user's credentials on subsequent requests. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ Fig Leaf Software provides the highest caliber vendor-authorized instruction at our training centers in Washington DC, Atlanta, Chicago, Baltimore, Northern Virginia, or on-site at your location. Visit http://training.figleaf.com/ for more information! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;207172674;29440083;f Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:315165 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
