XML Webservice authentication

  • Thread starter serge calderara
  • Start date
S

serge calderara

Hi,

I would say that it depends what you are planning to do a and who is goinf
to acess your web service and from where.

In other words do you planned to published your web service or does your web
service is part of your asp application.

The most secure would be to use security feature of IIS and use Windows
Authentication. Cookies are not secure and are mainly used to retain user
information except sensitive data.

If you want to provide FromAuthentication then you could keep in cookies a
unique GUI corresponding to the user and then refer to that GUI from a
database where you will extract information.

hope it helps
regards
serge
 
G

GMG

Is it possible to use FormAuthentication or do I have to manage my own
cookies and if so a sample/URL would be greatly appreciated.
 
J

Josh Twist

One of the key features FormsAuthentication offers is automatic
redirect for non-logged in users to a login page. As I'm sure you'll
appreciate this makes no sense in the context of a web service.

Most web services don't use cookies in this way, they simply request
the username/password with each request. You can even use WSE
(http://msdn.microsoft.com/webservices/building/wse/) to help you do
this in an industry standard way (WS-Security standard).

If you have any questions about any of this - just shout!

Josh
http://www.thejoyofcode.com/
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,482
Members
44,901
Latest member
Noble71S45

Latest Threads

Top