Hi, I am using XFire web services to transfer lots of data to a client side application. I currently use an authentication token with username and password to make sure no one but our users can use this application. What I'm wondering is if there is a way to prevent our users from accessing the web services from outside of our application. It would be pretty easy to look at the outgoing SOAP requests to figure out how to manually create one and then abuse our web services. We don't really want these services to be available in that way. Is there some common way to do this? Any ideas would be great. Thanks,
anomamo
