Forum: Ruby on Rails How to secure web services created by ActionWebService?

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Chang Sau S. (Guest)
on 2006-03-31 08:34
(Received via mailing list)
Hi,

Does anyone know how I can go about securing web services created from
ActionWebService? The manual from rubyonrails.org
(http://manuals.rubyonrails.com/read/book/10) doesn't say anything at
all on this ... or do I have to implement my own access control?


--
Sau S.

http://www.saush.com
http://read.saush.com
http://jaccal.sourceforge.net
Roland S. (Guest)
on 2006-03-31 11:10
(Received via mailing list)
Hi,

Chang Sau S. wrote:
> ------------------------------------------------------------------------
>
> _______________________________________________
> Rails mailing list
> removed_email_address@domain.invalid
> http://lists.rubyonrails.org/mailman/listinfo/rails

you can either use SSL to encrypt the data or a library like WSS4R
(www.rubyforge.org/projects/wss4r) that implements web service security
mechanisms like signature and encryption as defined by the Oasis
Consortium. WSS4R is tested with other WS-Security packages like WSE
from MS (for .NET) or JWSDP from Sun (for Java).

Regards,
Roland
Chang Sau S. (Guest)
on 2006-04-01 05:38
(Received via mailing list)
Thks! I'll take a look at the WSS4R library.

Roland S. wrote:
>>
> (www.rubyforge.org/projects/wss4r) that implements web service
> security mechanisms like signature and encryption as defined by the
> Oasis Consortium. WSS4R is tested with other WS-Security packages like
> WSE from MS (for .NET) or JWSDP from Sun (for Java).
>
> Regards,
> Roland
>


--
Sau S.

http://www.saush.com
http://read.saush.com
http://jaccal.sourceforge.net
This topic is locked and can not be replied to.