The moose likes Web Services and the fly likes Security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Web Services
Bookmark "Security" Watch "Security" New topic


age spets
Ranch Hand

Joined: Aug 07, 2002
Posts: 68

A customer is asking me to put a web service on my production machine, which will be called from a web-server. Today there is no connection between this machines. I see that the security get reduced, but how much? Will I be in big risk? See this as more secure than if he runs SQL, but is it more secure? The other possibility is to move data from production machine to the web machine.

Any ideas?
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 42965
Running a web service is not inherently more or less secure than running a regular web server. It is of course another point of attack, but it can be secured just like a web app (encryption, authentication, etc.).
I agree. Here's the link:
subject: Security
jQuery in Action, 3rd edition