View Full Version : Security for XML over HTTP?

01-30-2010, 02:41 PM
I am building a web application in which the client communicates to a variety of software components using XML over HTTP. The client submits request to these components using basic HTTP verbs (POST and GET), and when appropriate send XML-encoded data along with the request. The component then processes the XML, performs the appropriate action, then sends an XML-encoded response.

My question is what I can do for security. I've been reading a whole lot about SOAP vs REST, and it seems to be a holy war characterized by preference/opinion/subjectivity.

I'm not looking for a different approach to what I'm doing. I'm simply asking if anyone has any experience in/ideas for security in the environment I described.


01-30-2010, 03:08 PM
Use SSL via a httpS connection and the traffic will be encrypted.