>>>>I'm not sure what I mean. I guess I'm wondering what's stopping anyone at all from accessing the data through
>>>>the WS. Do I handle security in the DB? Or is there another approach?
>>>
>>>Well, https would certainly prevent anyone from accessing it without the proper credentials.
>>
>>Not true I'm afraid. HTTPS ensures data is encrypted but has nothing to do with Authentication/Authorisation.....
>
>Yeah, Viv ... you're right. My bad. =0(
Actually I'm wrong. A certificate is normally used to authenticate the server but you *can* use client certificates for authentication. I don't think it's used very often on 'public' sites but is an option where access will be limited.
Previous
Next
Reply
View the map of this thread
View the map of this thread starting from this message only
View all messages of this thread
View all messages of this thread starting from this message only