As for government, I do understand their concerns. If the web server has direct access to the database, even to a restricted number of tables or views, if it gets exploited the attacker will likely be privy to all sorts of private and personal data. By adding an application server which isn't publicly accessible into the mix, the speed and ease with which an attacker can view or alter the data is severely limited.
Nick
At 07:16 AM 12/17/2003 +0100, Arnaud Limbourg wrote:
Well, doing all the db call via a soap or xml-rpc interface will be slow. If you just have a few queries it is not a big deal, but on a site with lots of queries and/or heavily frequented it will be different.
I wonder why governments fear so much. You make a few views and restrict a user/pass to access only those views.
Anyway, if speed is important and wha tyou need is relatively simple the xml-rpc might be best.
Arnaud.
-- PHP Soap Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
-- PHP Soap Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
