Simple Security for HTTP Based RESTful Services (Part 1)

This is going to be the first in a series of posts discussing potential ways of securing bi-directional RESTful based HTTP services. For this series we are going to make the requirements quite simple, namely, “secure” simply means the caller of the service is authorized to invoke it. Lets assume that this solution is being deployed along with a simple IP addresses restriction mechanism. Since IP address’s can easily be spoofed, this solution is the next level of defense to ensure the identity of the caller.

A little Salt with that Hash?

Was just presented with a unique (to me) requirement which is to implement a single sign on across multiple domains within the same page via a cookie. Huh? Let me elaborate, in simple terms it means that there is a base site, lets call it foo.com, and then there is a partner site, lets call it bar.com. On foo.com’s main page we want to be able to iFrame in bar.com with the credentials of the current user logged in to foo.com transparently sent over and in turn logged in to bar.com as well.

WebKit Day 2.5 Benchmarks

The recent release of Google Chrome Beta for Windows has re-stirred the good old browser wars. Chrome is based on WebKit, but uses the V8 Javascript Engine Currently Chrome is a Windows only browser, so it is not possible for me to benchmark the browser first hand, but the claims have been that it is faster than both Firefox and WebKit on Windows.

Upgraded Site To WordPress 2.6

It took all of 15 minutes, and that included upgrading TinyMCE to version 3.1 as well. WordPress is one of my favorite open source packages.

WebKit Day 2 - Benchmarks

After using WebKit for the past few days it is evident to me that it performs better than Firefox on my Macs. The question is how much better? Is it possible to quantify the performance difference? After searching around found this JavaScript benchmarking site.