Win a copy of Building Blockchain Apps this week in the Cloud/Virtualization forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Liutauras Vilda
  • Knute Snortum
  • Bear Bibeault
Sheriffs:
  • Devaka Cooray
  • Jeanne Boyarsky
  • Junilu Lacar
Saloon Keepers:
  • Ron McLeod
  • Stephan van Hulst
  • Tim Moores
  • Carey Brown
  • salvin francis
Bartenders:
  • Tim Holloway
  • Piet Souris
  • Frits Walraven

'Web Service and Security' in Ajax High Performance book

 
Ranch Hand
Posts: 78
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Authors,

I am getting a bit anxious and also quiet alot surprised to see 'Web Service and Security' chapter in an Ajax High Performance book.

I am serioulsy interested to know what all going into this chapter as I have been working in Web Service for past couple of years and would love to leverage it with Ajax programming.

Hope you could elaborate something for the relationship between Ajax and WebServices.

Regards,
Dinesh Sundrani
 
author
Posts: 4
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Dinesh,

The link between Ajax and Web Services is an important one for people that are working behind the firewall and integrating with business systems that are already using Web Services - by which I primarily mean SOAP messaging rather than XMP-RPC or JSON based requests.

There are a few different options for integrating Ajax with SOAP based Web Services. There are browser specific solutions for dealing with SOAP messages in both Firefox and Internet Explorer, but the solution we recommend is the cross browser JavaScript SOAP toolkit from IBM. It makes dealing with SOAP fairly seamless.

Due to the same origin security policy of the web browser, XHR requests cannot be performed across domains. To get around this, script injection can be used to create mashups with services like Google Maps or JSONP and XMLP with either script injection or hidden IFrames can be used to access data across domains. The mashup approach is fairly safe. However, when you start requesting JSON or XML data across domains using script injection it can be a security problem since the HTTP headers of the web site user are sent along with any script request. To get around this, sites such as Google, will return any JSON data in comments such that it is not directly executable and can only be read by JavaScript that has requested it from the same domain using a proper XHR request.

I hope that helps!
 
Dinesh Sundrani
Ranch Hand
Posts: 78
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Dave, I'm pretty clear now!!

Regards,
Dinesh Sundrani
 
Paddy spent all of his days in the O'Furniture back yard with this tiny ad:
Java file APIs (DOC, XLS, PDF, and many more)
https://products.aspose.com/total/java
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!