>>>>I'm not sure what I mean. I guess I'm wondering what's stopping anyone at all from accessing the data through
>>>>the WS. Do I handle security in the DB? Or is there another approach?
>>>
>>>Well, https would certainly prevent anyone from accessing it without the proper credentials.
>>
>>Not true I'm afraid. HTTPS ensures data is encrypted but has nothing to do with Authentication/Authorisation.....
>
>Yeah, Viv ... you're right. My bad. =0(
Actually I'm wrong. A certificate is normally used to authenticate the server but you *can* use client certificates for authentication. I don't think it's used very often on 'public' sites but is an option where access will be limited.
Précédent
Suivant
Répondre
Voir le fil de ce thread
Voir le fil de ce thread à partir de ce message seulement
Voir tous les messages de ce thread
Voir tous les messages de ce thread à partir de ce message seulement