Page 1 of 1

Webservices and Security

Posted: Mon Nov 13, 2006 4:18 am
by acidHL
Hi Guys,

I did a search but I don't think this has been touched on yet.

Does anybody have any experience in securing web services?
I have two applications (one already exists) in mind that need to exchange data. I can do this using SOAP (PHP4 w/ NuSOAP) however the web service running on the one application should only accept data/calls from certain places.

Does anybody know how to implement some simple security? The data itself doesn't need to be encrypted, I just need to restrict who (or what) can use the webservice.

:?:

Posted: Fri Nov 24, 2006 11:18 am
by acidHL
Nobody :oops: :(

Re: Webservices and Security

Posted: Sat Nov 25, 2006 3:56 am
by timvw
acidHL wrote: I did a search but I don't think this has been touched on yet.
Does anybody have any experience in securing web services?
What's so special about web services that it would be any different than other ip-based restriction solutions?
acidHL wrote: I just need to restrict who (or what) can use the webservice.
Apart from ip-based restrictions you could also require authentication. Most webbrowsers already have built-in support for that.. And if you want to take it a step further i would recommend that you look at the WebService Enhancements.. (More specifically WS-Security)