When we use WSDL for any web services, it uses two types of attributes - servicepassword and serviceusername. In these two types, different values are necessarily to be passed. These values are needed to be validated for the attributes.
If the returned values are wrong for the methods, then those values will automatically return an error. If an application developer is going to use ESL/SSL encryption, it can remove all the possibilities of the potential attack vector.
An application developer can remove all of the CFC templates that are part of the ESL. The process of creating ESL can be done effectively by doing the following steps -
log in to the ColdFusion administrator.
In the navigation pane, click on the left menu and click at the user manager link.
In the text boxes, fill in the username and password and confirm password name. This will be similar values for calling the ESL.
In the exposed services section, select the services you want to allot to the users.
Click the add user button to create new user.
ESL subscription allows the IP address specification to the application user. Even the credentials are also allowed from the authorized Ip address.
Hope you have liked this post ! Thanks for reading it !
reference link -