User not logged in - login - register
Home Calendar Books School Tool Photo Gallery Message Boards Users Statistics Advertise Site Info
go to bottom | |
 Message Boards » » Protecting XML data Page [1]  
robster
All American
3545 Posts
user info
edit post

Anyone know a good way to protect xml data?

For instance, I want to use xml data on the backend for loading up a google map. Is there a way to make it so that users cannot access that xml data, but rather only the server itself can make a request to the xml location?

Or, for something like an iphone app, is there an easy way to protect xml content so that only your iphone application can get access to it? I guess you could encrypt/hash that data, but I am looking more for some way of just blocking access, if its possible. Maybe through the .htaccess file.

Thanks for any examples!!

8/20/2009 11:52:35 AM

qntmfred
retired
40818 Posts
user info
edit post

is this static data? it's fairly common to provide authentication/authorization for web services. it's a little overkill to provide a web service for something that doesn't change, but if it is dynamic, web service is the traditional solution

as for htaccess, that is a very simple way, but i'm not sure how good various web access libraries are going to be at allowing those credentials to be included in web requests. i would imagine it should be common, but i haven't ever used it or even seen it done in that way. it's probably as easy as setting a http header option

[Edited on August 20, 2009 at 12:02 PM. Reason : guess]

8/20/2009 11:57:50 AM

robster
All American
3545 Posts
user info
edit post

Yeah, its static data ... thus, no php processing to allow me to just throw an auth sequence in there.

I would even be satisfied to use htaccess to limit access based on the type of OS
(in this case, it would show up with a string of "CFNetwork" in the HTTP_USER_AGENT server parameter, when being accessed from an iPhone).

But, there are other situations where I would like only my local server to be able to request the xml file, not individual users out on the net.

8/20/2009 12:30:40 PM

smoothcrim
Universal Magnetic!
18969 Posts
user info
edit post

well you can submit remote Kml to google (like putting http://lksajdf.com/blah.kml into the search bar) and it will show map. this way you could remotely secure the kml (might work with xml) with a different scheme than the rest

8/20/2009 3:21:54 PM

robster
All American
3545 Posts
user info
edit post

Yeah, not really looking to depend on google to show the data ... maps data was just one example.

I have a bunch of different projects that I would like to open up, but still have the xml data under wraps.

8/21/2009 12:08:07 AM

Noen
All American
31346 Posts
user info
edit post

You need authentication on both ends of the web service. Not too hard to do actually. On an iPhone app you can just embed an encrypted private key with the app itself, and then all you have to worry about is the server auth end of it.

8/21/2009 12:24:48 AM

 Message Boards » Tech Talk » Protecting XML data Page [1]  
go to top | |
Admin Options : move topic | lock topic

© 2024 by The Wolf Web - All Rights Reserved.
The material located at this site is not endorsed, sponsored or provided by or on behalf of North Carolina State University.
Powered by CrazyWeb v2.39 - our disclaimer.