[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] RE: SOAP-RPC and REST and security
One can expose a security risk naively. One could also only expose a facade or a kind of session manager that handles requests and routes them appropriately. One can also take the approach taken by some data warehouse models in which a separate server, really a separate box, handles the web services. The internal systems which must be secure don't face out. Sure, someone can do a stupid thing. Or, one can do a good design, understand best practices, and act accordingly. Same as it ever was. len -----Original Message----- From: Joshua Allen [mailto:joshuaa@m...] Again, I don't understand this. RPC does not pass code to the server. The user does not "execute code directly". The user passes some parameters, and the server executes whichever code it has been configured to execute in response. Same as happens with REST.
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|