Cart
[Home] [By Thread] [By Date] [Recent Entries]
On Fri, 31 Jan 2003 11:57:43 -0500, Rich Salz <rsalz@d...> wrote: > SOAP over HTTP is architecturally no worse than HTTP POST: both are > sending data and requesting that a server act upon it. Yup. Is SOAP in an incompetently designed application and incompetently administered environment any worse than CGI, ASP, or any other tool for coupling client processing with server-side code via HTTP? I *will* grant that the cavalier attitude toward security of the dominant tool vendors that make it all too easy to expose random bits of code as Web services is a Bad Thing. I would simply ask that people distinguish SOAP (the technology) from SOAP (the hype frenzy and all the bad stuff that follows from it) in a discussion such as this. Also, note the rapidly evolving definition of "firewall" over the last 10 years or so. It was originally an IP-level source/destination filter, plus TCP-level port-blocking, then HTTP-level URI-filtering .... but firewalls are becoming XML/XPath-ware, SOAP-aware, and will surely soon understand specific SOAP header standards related to security (WS-Security, etc.).
|
