O'Reilly logo

Securing Ajax Applications by Christopher Wells

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 6. Securing Web Services

Web services are a collection of Internet technologies that expose application functions on the Web and allow machines in different locations to talk to one another. Applications use web services to share and process information—making federated applications. The basic idea is to promote component driven applications and component reuse. You chose what services you are going to provide and build applications that use those services. To best promote the reusability of these services, things must be built similarly.

Hooking different applications together isn't a new idea. Earlier formats such as EDI, RMI, Corba, and RPC have all tried to step up and ride this bull. Each failed to get widespread industry acceptance largely due to their complexity and lack of easy integration. Microsoft's decision to go with XML and SOAP for its RPC solution probably served as the main spark that lit web services—for then everyone finally saw common ground.

Where web services differ from previous attempts is in their standardization on XML and their transport over HTTP. XML provides a standard by which these services can communicate and allows the services to be transparent and readable. Programs can walk up to one another and discover each other's functionality easily without having to know specific implementation details. HTTP provides a common transport protocol that is usually available (open) between firewalls.

The truth is the paint is not entirely dry on this stuff ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required