Thursday, October 03, 2002

More than one way to skin a cat. Mayank Prakash's Web services architectures: Easier said than done is a great read. I especially like the fact that he draws a distinction between SOAP and Web services - two topics that most of the other magazine articles I've read seem to use interchangeably, and to their detriment. The guidelines in the article seem pretty sound to me, and pragmatic. [Peter Drayton's Radio Weblog]
4:14:35 PM    

Matt Powell shows how to make use of asynchronous Web methods on the server side to create high performance Microsoft ASP.NET Web services.
2:37:33 PM    

I took Simon's most excellent recomendation on Yassar's (who, as Don told me, is now on his team) Real World XML Web Services: For VB and VB .NET Developers. I rush-ordered this book, 24-hour shipped and read 1/2 of it yesterday. I don't know what to say that won't sound like I'm going to an extreme or paid by Yassar-) but this is the single best Web Services book I have ever read. Its clear, its real-world, it's focused on the right things and its even Keith's favorite Web Services book. Its approach is very readable yet thorough and I'm finally starting to understand Schema.
2:03:09 PM    

Don sent me email last night and then he surfaced.
1:54:43 PM    

Wow! Greg and I are just knocked out by the response to our Groove Experiments space announcement. We just about have a full house with all sorts of incredible ideas flying around. We already are starting to see the seeds of some valuable experiments and projects that will contribute to the overall community. I like to think of it as a Hive Mind. Its powerful.
1:22:47 PM    

Web Services Threat Detection.

Web Services Threat Detection

A while back in another life, we considered the idea of a real-time threat detection system for our web services. The idea was we could build (or buy) an infrastructure component that could analyze the incoming bit stream, detect anomalies, and react appropriately. [Greg Reinacker's Weblog]

What makes this harder is that the caller can disguise the request using character or parameter entities, or by using a processing instructions or xsi:include.  The usual stuff when dealing with XML, you can't just do a binary compare to see if the document matches a signature you know about.  Talk to Eugene Kuznetsov at DevCon, he went over all this stuff at the last one.  Steve Loughran also mentioned that they had some interesting security holes to patch in the system he worked on, I think there was one that allowed a caller to download the server's password file by handing in the right XML request.  Man, I wish I was going.  Dang customers!  Can't they wait a couple weeks to start beta testing?

[Gordon Weakliem's Radio Weblog]

Yes, Eugene Kuznetsov's talk was most interesting. It seems that there is a whole lot of research and work going into the hardware aspect of Web Services as well with sorts if interesting devices coming up. And Steve Loughran had some ideas in this area as well. Gordon, you're not going? Bummer. We'll miss you.


1:14:08 PM    

IBM downsizes Web portal software. The company aims its new software at small and medium-sized businesses by dropping some of the features intended for large corporations and making it easier to install and use. [CNET News.com]
1:08:30 PM    



© Copyright 2002 Sam Gentile .
Last update: 11/1/2002; 12:27:40 PM .

Click here to visit the Radio UserLand website. Valid CSS! Subscribe to "Sam::XML and Web Services" in Radio UserLand. Click to see the XML version of this web page. Click here to send an email to the editor of this weblog.