All geek questions in one place

Secure web service?

I am trying to create a secure web service (which provides simple database data) with PHP that can be connected through a Silverlight application. I don't know enough about PHP to be able to see another way to do this.

The web service should be accessible only through the client and only with the correct username / password.

The only thing I can imagine is to pass the hash of the user / password via the URL or use the "hidden form" and do it through POST _.

I'm just trying to get past this point, I'm the only developer in this project, and I'm just trying to get past this part of the PHP web service, so I can go back to being an application programmer :)

Normally I would learn PHP, but I'm on the clock, so I'm just looking for a point in the right direction, how to do it!

+3
source share
2 answers

You put your service over SSL and send the user password in the box.

You should use POST, as the URL can be cached along the way, showing your credentials.

You can use json , xml or a query string (simple form message) to pass parameters.

What is it!

+6
source

Just use basic SSL and HTTP authentication, the headers are encrypted so they won’t see your username / password this way.

+1
source

Source: https://habr.com/ru/post/1744570/

More articles:


All Articles