I am new to the web of web services and web API. I have noticed that most companies provide XML or JSN based connections, Who basically collects data from their database and encodes them in the format of choice. My question is why do not I offer anyone a SQL connection?
At first I thought this was security. But with MySQL you can restrict users to all methods of a specific column. You can only allow them to view or just insert. You can create ideas and stored procedures to join or veil in your true backend structure. You can use SSL connections to correctly encode the transmitted data. So in fact I think that the only difference is the style I think people must write to me
$ conn- & gt; GetWidgetAttr ('WidgetName'); Instead of
select widget name from the widget; Can anyone tell me what am I missing?
- Configuration complexity It is difficult to configure permissions for all users for all possible use cases.
- Opening a security database connection and query is not secure, and offers a wider possibility of SQL injection / exploitation attacks.
- Hiding the details of the implementation of stored items in the Contract Stability Database allows you to change the underlying storage without breaking the existing client. For example, at one point you can decide to change the server with sql mongodb.
- Firewall Problems HTTP connections are widely available, with port 80 Web API open for most functions, while exposing the SQL Server port (default 1433) additional costs can be deployed.
No comments:
Post a Comment