|
[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Two sides of SOAP (was RE: SOAP-RPC and REST and security)
2/20/2002 8:24:43 PM, Michael Brennan <Michael_Brennan@A...> wrote: > I don't see SOAP as having introduced >anything fundamentally new into the mix in this regard. Hmmm, that's an interesting point. Maybe the people who worry about SOAP see it as DCOM minus-minus and the people who don't see it as CGI plus-plus. I must admit that when I think of SOAP as a more orderly and flexible way of doing what we do with CGI/servlets/etc., I kinda like it ... and when I think of it as a way for naive (or evil) people to enable random jerks on the internet to execute untrustworthy code remotely, I don't. Which is it, or is it both? Mechanically, it seems almost certainly true that anything bad that could be done with SOAP could be done with the previous generation of web technologies. On the other hand, SOAP is getting so many power tools hooked up to it that CGI (etc.) never had, so bad things could happen more quickly and easily. You can cut off your arm with a handsaw if you really try, but it is SO much easier with a power saw whether or not you try. Is that an appropriate analogy? Is the potential security problem we've been talking about at the tool level rather than the protocol level? And how likely is it that a semi-competent developer using a modern web services wizard would "cut his arm off" accidentally?
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|
|||||||||

Cart








