Web Services for the Traditional RPG Programmer, Part I

** This thread discusses the Content article: Web Services for the Traditional RPG Programmer, Part I **
0

Web Services for the Traditional RPG Programmer, Part I

Hi Chris, Advance apologies if this long overdue reply meanders a bit - I'm recovering from a not too pleasant transatlantic crossing :-( I'm afraid I am no expert on security or the best way of implementing it (especially when it needs to be embedded in code) but I am not sure it is that much of an issue for web services (very, very much open to correction here). When you are connecting to web services you are not connecting directly to the System i (iSeries) nut to a HTTP server. Since access to web services is through a HTTP server, therefore "normal" web security applies. For me, this means that I would not be using i5OS user profiles as my log on - more likely using a validation list. I don't really want anyone logging on to my system over the internet - whether that be through HTTP or telnet. If I am concerned about "sniffing" etc. I would use SSL. Web services are a form of application to application programming, therefore the user id/password is provided to an application developer - not a user. Most of the web services I have seen simply have the user-id and password as part of the XML sent in the request (e.g. UPS).