Midrange News for the IBM i Community

Posted by: TFisher
Securing web services
has no ratings.
Published: 06 Mar 2013
Revised: 06 Mar 2013 - 2077 days ago
Last viewed on: 12 Nov 2018 (3723 views) 

Using IBM i? Need to create Excel, CSV, HTML, JSON, PDF, SPOOL reports? Learn more about the fastest and least expensive tool for the job: SQL iQuery.

Securing web services Published by: TFisher on 06 Mar 2013 view comments(2)

Return to midrangenews.com home page.
Sort Ascend | Descend


(Sign in to Post a Comment)
Posted by: bobcozzi
Site Admin ****
Comment on: Securing web services
Posted: 5 years 8 months 8 days 13 hours 25 minutes ago

When  hackers attempt to sign onto the using ROOT as the user ID, I've seen the system reject and disable that profile. Other than that, they really don't have any big issues.

For Web Services most of my customers use a simple validation list or database file in which they store the valid use requests.

Of course my practice is the redirect any unauthorized users or blocked IP's to www.cia.gov and that tends to stop them pretty quick.

Posted by: Ringer
Premium member *
Comment on: Securing web services
Posted: 5 years 8 months 8 days 11 hours 45 minutes ago

I'm not a web security guru. But I would think using SSL and putting the user id and password encoded in the body of the request or as encoded HTTP headers would be secure. I wonder how google does this for their web services.

As a compromise, maybe you could expose your code/RPG as stored procedures and let the other box call them with java/php/etc.

Chris Ringer