File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Security hole with Attachments?

 
Doug Lundin
Greenhorn
Posts: 1
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello,
Some years ago I ran across an article that suggested there was a problem securing Web Service xml payloads that have attachments. Don't recall if it was based on encrypting them or what the standard context was.
I'm honestly not even sure it had to do with attachments - perhaps xml payloads in general?
Is this a historical issue or still real?
Of course, SSL can always be used but not sure the overhead penalty is where we can to go.
Any suggestions/thoughts are appreciated.
Doug
 
Ulf Dittmer
Rancher
Pie
Posts: 42966
73
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Welcome to JavaRanch.

I'm not sure what the problem is supposed to be; I imagine they might have been talking about the fact that a file (or more generally, binary data) gets created on the server that has slipped by any virus checkers. Especially if it's an SSL connection there's no way to check the file in transit, and even if it's not, I don't think firewalls are SOAP-smart enough to extract the file contents to check it. So one needs to be careful what happens with/to attachments.
 
I agree. Here's the link: http://aspose.com/file-tools
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic