Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
Business Objects separate from UI Question - hackers??
Message
From
01/09/2004 13:25:15
Bob Archer
Tampa, Florida, United States
 
 
To
01/09/2004 11:28:00
Bonnie DeWitt
Geneva Systems Group
Ellensburg, Washington, United States
General information
Forum:
ASP.NET
Category:
The Mere Mortals .NET Framework
Title:
Re: Business Objects separate from UI Question - hackers??
Miscellaneous
Thread ID:
00937993
Message ID:
00938456
Views:
16
>Pretty simple, IMHO. ;)

So, your web service authentication is that a GUID is passed in as a paramter, and it that GUID is in your login table or such, then they are considered ok.

Just playing DA here... What if a "rouge" programmer was able to log into your system... then they would have the GUID to pass to your web services?

I assume you require SSL to access your web services so these GUID's can't be sniffed?

Also, you don't use an encrypted authentication ticket or anything?

BOb
Previous
Next
Reply
Map
View

Click here to load this message in the networking platform