I’m working on a webservice + AJAX interface, and I’m worried about authentication. At the moment I’m passing username and password to the webservice as arguments, but I fear that this approach is highly insecure. I was told that SSL could solve my problem, but I want more alternatives.
My webservice is written in PHP and my interface is in PHP + AJAX. The webservice receives arguments from POST or GET and retrieves XML (in the future maybe I’ll use JSON).
AJAX requests are no different from normal requests.
Since you have an AJAX interface I guess you can have a page where users log in. When they log in, store a cookie in the browser. This cookie can then be sent back with every AJAX request.
Your PHP script can ‘authenticate’ the AJAX request using the cookie exactly as it would with normal requests.
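The cookie approach described in the answer above, as an added example that is not part of the original post: one PHP script handles both the login POST and the authenticated AJAX call through PHP's built-in session cookie. The `users()` store, the `action=login` parameter and the XML bodies are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Constructed user store (assumption); a real service loads password hashes from its database.
function users(): array {
    static $u = null;
    return $u ??= ['alice' => password_hash('correct horse', PASSWORD_DEFAULT)];
}

function start_session(): void {
    session_set_cookie_params([
        'path'     => '/',
        'httponly' => true,   // page JavaScript cannot read the cookie
        'secure'   => true,   // cookie is only sent over HTTPS
        'samesite' => 'Lax',  // not attached to cross-site POSTs
    ]);
    session_start();
}

function login(string $user, string $password): bool {
    $hash = users()[$user] ?? null;
    if ($hash === null || !password_verify($password, $hash)) {
        return false;
    }
    session_regenerate_id(true);  // new session id after login (prevents session fixation)
    $_SESSION['user'] = $user;
    return true;
}

// Every AJAX endpoint calls this first; the browser attaches the cookie automatically.
function require_login(): string {
    if (empty($_SESSION['user'])) {
        http_response_code(401);
        header('Content-Type: application/xml');
        exit('<error>authentication required</error>');
    }
    return $_SESSION['user'];
}

start_session();
if (($_GET['action'] ?? '') === 'login' && $_SERVER['REQUEST_METHOD'] === 'POST') {
    $u = $_POST['username'] ?? '';
    $p = $_POST['password'] ?? '';
    http_response_code(is_string($u) && is_string($p) && login($u, $p) ? 204 : 401);
    exit;
}
$user = require_login();
header('Content-Type: application/xml');
echo '<result user="' . htmlspecialchars($user, ENT_QUOTES | ENT_XML1) . '">ok</result>';
```

With this in place the password crosses the wire once, in the login POST body, instead of on every webservice call; the `secure` flag assumes the site is served over HTTPS.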