> 1) how do you check whether the request is being made over an SSL - i suspect
> it is
> checking whether https is in the request but how do you get hold of this from
> within a web
> service?
You can read CGI variables from within a web service request, just
like you would from within a regula
On Wednesday 12 Nov 2008, Richard White wrote:
> would these be in the cfadministrator?
No, your web server, not the ColdFusion admin.
--
Tom Chiverton
Helping to vitalistically morph essential appliances
This email is sent for and on beh
would these be in the cfadministrator? is so can you point me to them please as
i cannot find them, thanks
> On Wednesday 12 Nov 2008, Richard White wrote:
> > 1) how do you check whether the request is being made over an SSL -
> i
>
> Just configure the web server to only serve the application
On Wednesday 12 Nov 2008, Richard White wrote:
> 1) how do you check whether the request is being made over an SSL - i
Just configure the web server to only serve the application over SSL.
> 2) how do you set up the folder of the service to require authentication?
Again, tick the box in your web
Thanks for your reply cutter, i have a couple of questions regarding your
processes:
1) how do you check whether the request is being made over an SSL - i suspect
it is checking whether https is in the request but how do you get hold of this
from within a web service?
2) how do you set up the
thanks for your help, and thanks for rays link on ajax security we will have to
read around this some more.
thanks again
richard
>Richard,
>
>We recently implemented a few webservices for our parent company. When
>doing these I took a multi-tier approach:
>
>1) folder of service requires auth
-Original Message-
From: Cutter (CFRelated) [mailto:[EMAIL PROTECTED]
Sent: Monday, September 29, 2008 1:28 PM
To: cf-talk
Subject: Re: remote proxy object security
Richard,
We recently implemented a few webservices for our parent company. When
doing these I took a multi-tier
On Monday 29 Sep 2008, Richard White wrote:
> we ensure that no one else can use these remote proxy objects / web
> services without coming through the JSMX message calls from our client
> software?
The generic answer is to issue a (time and/or IP limited) token when the
client logs in, and requi
Richard,
We recently implemented a few webservices for our parent company. When
doing these I took a multi-tier approach:
1) folder of service requires authentication (web server)
2) Application in folder required the request be made over SSL
3) Application took authentication credentials from s
hi,
we are creating remote proxy objects / web services as a lot of our software
uses JSMX from the client to the server.
however, we don't quite understand the security of these objects. how can we
ensure that no one else can use these remote proxy objects / web services
without coming throu
10 matches
Mail list logo
