I was able to create an HTTP and web services servers from the wizard. I
then created an api. I was able to test it with Postman and everything
checked out.

The next thing I'm unsure of is security.

I created a new user with *USER authority and no special authority I also
changed the initial menu to signoff.
I redeployed the web service speciying this user profile on User ID for
this service.
I retested with Postman and it still works.

I ended my vpn. The api now timed out in Postman.

So my question is, if the api is only ever called from behind the vpn is
there still a big hole I'm missing?
Is SSL required if behind a vpn?

Once again, your advice is very much appreciated.

Thanks, Rob

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.