[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: SOA and the Single URL
Rich Salz wrote: >> So each message, no matter the size, should be parsed to determine >> authorization, authentication and validity? As opposed to >> stopping/redirecting a request based on the URL/request-credentials >> before a parse happens? > > > Should be? Even I'd be reluctant to use something other than "may." > If your gateway facility is fast enough to handle the traffic, than you > can get significant performance gains by offloading stuff like you > mention from your application servers. A J2EE server is not usually the > most performant place to do a WS-Security signature validation. > > There are security benefits, too. Put the router into your DMZ and you > prevent bad messages from even getting onto your network. Pass all XML > traffic through it and you have a guaranteed policy enforcement point. OK, I can see what you are saying. Is there some facility to deny/turn-off processing for a type of DoS attack? Say something is sending you several complex, large messages - what happens to the gateway? -Rob > > But definitely, not everyone needs or wants to do this. It's all about > engineering trade-offs. > > /r$ >
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|