Hello, Some years ago I ran across an article that suggested there was a problem securing Web Service xml payloads that have attachments. Don't recall if it was based on encrypting them or what the standard context was. I'm honestly not even sure it had to do with attachments - perhaps xml payloads in general? Is this a historical issue or still real? Of course, SSL can always be used but not sure the overhead penalty is where we can to go. Any suggestions/thoughts are appreciated. Doug
posted 8 years ago
Welcome to JavaRanch.
I'm not sure what the problem is supposed to be; I imagine they might have been talking about the fact that a file (or more generally, binary data) gets created on the server that has slipped by any virus checkers. Especially if it's an SSL connection there's no way to check the file in transit, and even if it's not, I don't think firewalls are SOAP-smart enough to extract the file contents to check it. So one needs to be careful what happens with/to attachments.