[Cialug] Re: [ciapug] XML

Korver, Aaron cialug@cialug.org
Tue, 22 Mar 2005 16:50:23 -0600


This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

------_=_NextPart_001_01C52F31.87FBB450
Content-Type: text/plain;
	charset="iso-8859-1"

Note though that SSL isn't good enough when talking about SOAP if you are
going to be pushing the webservice out to the world.  If you are going to be
staying within a private LAN then SSL is probably sufficient.  Transport
layer security is just one layer.  The ws-security specs detail data layer
security.  
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-securit
y-1.0

> -----Original Message-----
> From: Tony Bibbs [mailto:tony@tonybibbs.com]
> Sent: Tuesday, March 22, 2005 11:09 AM
> To: cialug@cialug.org
> Cc: ciapug@cialug.org
> Subject: Re: [Cialug] Re: [ciapug] XML
> 
> 
> Anything wrong with using SOAP?  If so, what about XMLRPC?
> 
> Securing the service can be a challenge and it needs to happen at 
> multiple levels.  Networking is a good place to start...if 
> you can only 
> allow access to the service from specific hosts.  Then there is the 
> transport layer...using SSL is a no brainer and finally, you 
> can embed 
> some sort of userid/password type of thing to go over with 
> the request.
> 
> I'd personally recommend SOAP (PHP5's SOAP implementation is 
> servicable) 
> and if that won't fly then you can use XMLRPC.  PHP5 supports XMLPRC 
> (assuming the appropriate --with-xmlrpc option was given) and should 
> that fail then use PEAR's XMLRPC implementation: 
> http://pear.php.net/package/XML_RPC#results
> 
> --Tony
> 
> David Champion wrote:
> 
> > [crosspostin']
> >
> > Dave J. Hala Jr. wrote [on the PHP list] :
> >
> >> Anyone using XML on one of their sites to exchange information with
> >> other systems?
> >>
> >> Anyone sending an "XML query" (wrong terminology, I know) 
> to another
> >> site, retrieving the data and inserting into their system?
> >>
> >> How do you handle the authenitication? What software you use on the
> >> Linux system?
> >>
> >>
> >> :) Dave
> >
> >
> > I recall Dave Weis mentioned that he'd written a PHP/XML service 
> > recently.
> >
> > -dc
> >
> > _______________________________________________
> > Cialug mailing list
> > Cialug@cialug.org
> > http://cialug.org/mailman/listinfo/cialug
> 
> 
> _______________________________________________
> Cialug mailing list
> Cialug@cialug.org
> http://cialug.org/mailman/listinfo/cialug
> 

------_=_NextPart_001_01C52F31.87FBB450
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Diso-8859-1">
<META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
5.5.2653.12">
<TITLE>RE: [Cialug] Re: [ciapug] XML</TITLE>
</HEAD>
<BODY>

<P><FONT SIZE=3D2>Note though that SSL isn't good enough when talking =
about SOAP if you are going to be pushing the webservice out to the =
world.&nbsp; If you are going to be staying within a private LAN then =
SSL is probably sufficient.&nbsp; Transport layer security is just one =
layer.&nbsp; The ws-security specs detail data layer security.&nbsp; =
</FONT></P>

<P><FONT SIZE=3D2><A =
HREF=3D"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-mes=
sage-security-1.0" =
TARGET=3D"_blank">http://docs.oasis-open.org/wss/2004/01/oasis-200401-ws=
s-soap-message-security-1.0</A></FONT>
</P>

<P><FONT SIZE=3D2>&gt; -----Original Message-----</FONT>
<BR><FONT SIZE=3D2>&gt; From: Tony Bibbs [<A =
HREF=3D"mailto:tony@tonybibbs.com">mailto:tony@tonybibbs.com</A>]</FONT>=

<BR><FONT SIZE=3D2>&gt; Sent: Tuesday, March 22, 2005 11:09 AM</FONT>
<BR><FONT SIZE=3D2>&gt; To: cialug@cialug.org</FONT>
<BR><FONT SIZE=3D2>&gt; Cc: ciapug@cialug.org</FONT>
<BR><FONT SIZE=3D2>&gt; Subject: Re: [Cialug] Re: [ciapug] XML</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; Anything wrong with using SOAP?&nbsp; If so, =
what about XMLRPC?</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; Securing the service can be a challenge and it =
needs to happen at </FONT>
<BR><FONT SIZE=3D2>&gt; multiple levels.&nbsp; Networking is a good =
place to start...if </FONT>
<BR><FONT SIZE=3D2>&gt; you can only </FONT>
<BR><FONT SIZE=3D2>&gt; allow access to the service from specific =
hosts.&nbsp; Then there is the </FONT>
<BR><FONT SIZE=3D2>&gt; transport layer...using SSL is a no brainer and =
finally, you </FONT>
<BR><FONT SIZE=3D2>&gt; can embed </FONT>
<BR><FONT SIZE=3D2>&gt; some sort of userid/password type of thing to =
go over with </FONT>
<BR><FONT SIZE=3D2>&gt; the request.</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; I'd personally recommend SOAP (PHP5's SOAP =
implementation is </FONT>
<BR><FONT SIZE=3D2>&gt; servicable) </FONT>
<BR><FONT SIZE=3D2>&gt; and if that won't fly then you can use =
XMLRPC.&nbsp; PHP5 supports XMLPRC </FONT>
<BR><FONT SIZE=3D2>&gt; (assuming the appropriate --with-xmlrpc option =
was given) and should </FONT>
<BR><FONT SIZE=3D2>&gt; that fail then use PEAR's XMLRPC =
implementation: </FONT>
<BR><FONT SIZE=3D2>&gt; <A =
HREF=3D"http://pear.php.net/package/XML_RPC#results" =
TARGET=3D"_blank">http://pear.php.net/package/XML_RPC#results</A></FONT>=

<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; --Tony</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; David Champion wrote:</FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; &gt; [crosspostin']</FONT>
<BR><FONT SIZE=3D2>&gt; &gt;</FONT>
<BR><FONT SIZE=3D2>&gt; &gt; Dave J. Hala Jr. wrote [on the PHP list] =
:</FONT>
<BR><FONT SIZE=3D2>&gt; &gt;</FONT>
<BR><FONT SIZE=3D2>&gt; &gt;&gt; Anyone using XML on one of their sites =
to exchange information with</FONT>
<BR><FONT SIZE=3D2>&gt; &gt;&gt; other systems?</FONT>
<BR><FONT SIZE=3D2>&gt; &gt;&gt;</FONT>
<BR><FONT SIZE=3D2>&gt; &gt;&gt; Anyone sending an &quot;XML =
query&quot; (wrong terminology, I know) </FONT>
<BR><FONT SIZE=3D2>&gt; to another</FONT>
<BR><FONT SIZE=3D2>&gt; &gt;&gt; site, retrieving the data and =
inserting into their system?</FONT>
<BR><FONT SIZE=3D2>&gt; &gt;&gt;</FONT>
<BR><FONT SIZE=3D2>&gt; &gt;&gt; How do you handle the authenitication? =
What software you use on the</FONT>
<BR><FONT SIZE=3D2>&gt; &gt;&gt; Linux system?</FONT>
<BR><FONT SIZE=3D2>&gt; &gt;&gt;</FONT>
<BR><FONT SIZE=3D2>&gt; &gt;&gt;</FONT>
<BR><FONT SIZE=3D2>&gt; &gt;&gt; :) Dave</FONT>
<BR><FONT SIZE=3D2>&gt; &gt;</FONT>
<BR><FONT SIZE=3D2>&gt; &gt;</FONT>
<BR><FONT SIZE=3D2>&gt; &gt; I recall Dave Weis mentioned that he'd =
written a PHP/XML service </FONT>
<BR><FONT SIZE=3D2>&gt; &gt; recently.</FONT>
<BR><FONT SIZE=3D2>&gt; &gt;</FONT>
<BR><FONT SIZE=3D2>&gt; &gt; -dc</FONT>
<BR><FONT SIZE=3D2>&gt; &gt;</FONT>
<BR><FONT SIZE=3D2>&gt; &gt; =
_______________________________________________</FONT>
<BR><FONT SIZE=3D2>&gt; &gt; Cialug mailing list</FONT>
<BR><FONT SIZE=3D2>&gt; &gt; Cialug@cialug.org</FONT>
<BR><FONT SIZE=3D2>&gt; &gt; <A =
HREF=3D"http://cialug.org/mailman/listinfo/cialug" =
TARGET=3D"_blank">http://cialug.org/mailman/listinfo/cialug</A></FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
<BR><FONT SIZE=3D2>&gt; =
_______________________________________________</FONT>
<BR><FONT SIZE=3D2>&gt; Cialug mailing list</FONT>
<BR><FONT SIZE=3D2>&gt; Cialug@cialug.org</FONT>
<BR><FONT SIZE=3D2>&gt; <A =
HREF=3D"http://cialug.org/mailman/listinfo/cialug" =
TARGET=3D"_blank">http://cialug.org/mailman/listinfo/cialug</A></FONT>
<BR><FONT SIZE=3D2>&gt; </FONT>
</P>

</BODY>
</HTML>
------_=_NextPart_001_01C52F31.87FBB450--