How do you guys solve the security matters when opening XML-channels between to business systems ?

What do you guys normaly do ?

# 1 Send passwrods through the url-string ? (Doesn't seem safe to me)

# 2 Locking IP numbers, infosender and reciever has fixed IP-numbers and an .asp page is doing a check before to se who is asking for info ?

Please give me some comments on this

/Johan Johansson

I once had a simular problem. How to send XML-data to a client through http. I solved it by adding a crypting-component. This component simply crypted or decrypted a string. Then i could easily send it attached to an url. Only the clients with the correct decrypter and key could read these values anyway. If you want some sample code, I would be happy to mail it to you.
The component was a ServerExtension, to a MS-IIS, and the crypting method was Blowfish, but any method would do the job.

berghamar@hotmail.com