Presents your 
XML AND WEB SERVICES E-NEWSLETTER for July 21, 2003

<------------------------------------------->

BUILD BETTER WEB SERVICE USER AUTHENTICATION

Some of the secrets of Web services technology are its inherent security
risks. That's why developers must be familiar with a variety of
techniques to maintain strict control over the Web services they employ.

By default, any exposed Web service is available to any technically
savvy party that calls it (which is a bit like leaving your server room door
open for any passerby to use).User authentication thus becomes of
paramount importance; you don't want just anyone taking your carefully 
developed Web services for a spin.

There are two favored and reliable methods for user-authenticated access
to exposed Web services: programmatic validation and operating system
validation. Neither is perfect, but both offer some assurances against
rampant Web service abuse.

This article discusses the pros and cons of programmatic and OS-based
Web service user authentication. Find out which one might be right for your
situation and where each method might still leave you exposed to 
attack.

http://cl.com.com/Click?q=89-h2zbQ-JArajzkI4upwH-p0V9WW8a 

----------------------------------------