Maybe I'm misunderstanding "REST"? I thought the main difference between
REST and SOAP was the transmission format? Your service is only as open
as you make it.
Thanks
Bryce Martin
Programmer/Analyst I
570-546-4777
Henrik Rützou <hr@xxxxxxxxxxxx>
Sent by: web400-bounces@xxxxxxxxxxxx
11/21/2010 08:07 PM
Please respond to
Web Enabling the AS400 / iSeries <web400@xxxxxxxxxxxx>
To
"Web Enabling the AS400 / iSeries" <web400@xxxxxxxxxxxx>
cc
Subject
Re: [WEB400] IBM i in the cloud (was social media)
Richard,
HTTPS does provide some security,
but a real REST enabled application is like having a totally free Command
Line in 5250,
enter PWRDWNSYS and the system will do as it is told.
The trick is to create an enviroment where any program (service) that can
be
reached from
the outside is protected not only by a session id but also by the server
has
granted permisson
for the client to run it with the limitation the server also grants - e.g.
you are allowed to delete
this order but you are not allowed to delete *ALL
You may be able to retreive data from this service - but it is limited to
your own - this is what
the security layer should be able to do - and this is what EGL and other
are
not in general able
to do.
--
Regards,
Henrik Rützou
http://powerEXT.com <
http://powerext.com/>
--
This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
To post a message email: WEB400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/web400
or email: WEB400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at
http://archive.midrange.com/web400.
--- This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us and destroy this message immediately. ---
As an Amazon Associate we earn from qualifying purchases.