tags:

views:

190

answers:

2
Q: 

Architecture solution problem - need other opinion

Hi guys, I would like to ask you for your opinion. It's about solution for our new project. see the details below.

Problem summary - our webapp integrated into client website, as simple as possible integration - need technology independent on environment, possibly only xml, html, javascripts - most of data provided by web services on our side (we are using Net 2.0 or 3.5) - keep security on high level,it includes payments (we are using https as minimum) - no data saved on client side (saved on our side in db), except some config data

So what you think... - Is good idea that we use only web services? - Should we use some kind of remoting (e.g CSLA objects)? then we depends on technology (Net, csla), don't we? - Can we assure enough security as we deal with online payments (e.g. PayPal)?

Any constructive comments most welcome and appreciated.

Cheers, X.

+1  A: 

Use XML/JSON for data interchange to avoid platform lock-in of RPC/Remoting.

Consider using REST web-services instead of SOAP to keep read-only operations as simple as possible.

Keep the payments processes separate to be able to offer basic services without SSL.

Tahir Akhtar  2008-10-13 19:26:49
+1  A: 

I would not use REST since is not as secure, unless you're not transmitting sensitive data. I would use SOAP based web-services over SSL for the payment processing.

Ricardo Villamil  2008-10-13 19:33:07
Can you elaborate a bit on what makes SOAP more secure than REST. SSL can be used with both REST and SOAP alike.
Tahir Akhtar  2008-10-13 19:43:03
http://www.vordel.com/downloads/rsa_conf_2006.pdf
Ricardo Villamil  2008-11-05 21:11:08

related questions

What is the best architecture to bridge to XMPP?
How to expose a collection property?
How do you build a ratings implementation?
Alternative "architectural" approaches to javaScript client code?
Split data access class into reader and writer or combine them?
Guide to choosing between REST vs SOAP services?
Best architecture for handling file system changes?
Globalization architecture
How Did You Decide Between WISA and LAMP?
Best Blogs for Software Architecture
Experience documentation about Shared Nothing Architecture
Agile architectures
VS.NET Application Diagrams
Documenting program architecture
Books for software architect
How do you do system integration?
Design debate: what are good ways to store and manipulate versioned objects?
Passing more parameters in C function pointers
Send messages to program through command line
Interfaces on different logic layers
How to structure a java application, in other words: where do I put my classes?
Are there any negative reasons to use an N-Tier solution?
Linux - files and scripts that execute on boot
Good STL-like library for C.
Best way to allow plugins for a PHP application