Some web hosting control panels work this same way: Monster Controls is just one that comes to mind. Your approach with the various components has been done before and it makes sense. Since security is #1, your service should only accept instruction verified to have come from the cgi and that it came from an authorized user (you). You might be able to do this with public / private key crypto: Provide your application your private key (or your passphrase to your private key) to encrypt messages bound for the service, and let the service decrypt messages with your public key. The question then becomes how much do you trust your cgi application? Or your browser? But I think that's a different topic - if somebody compromised the cgi, they could capture your passphrase or key, and if somebody compromised your browser (desktop), they could key-log your passphrase / key.

---

---

• Are you posting in the right place? Check out Where do I post X? to know for sure.
• Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:

  <code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>

• Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
• Want more info? How to link or How to display code and escape characters are good places to start.