N
Nick K.
I am currently calling a .Net web service from JavaScript on the client-side
browser. This JavaScript uses the HttpRequest object that is installed with
Internet Explorer to call the web service using a soap request.
I am now looking at the Web Services Enhancements 2.0 that Microsoft has
released for .Net. This has features to tighten security using X509
certificates, Kerberos, and Username, Password in the soap header. I believe
encryption is part of this as well.
What I need to know is what are my options for tightening security on my web
service and still being able to do this with JavaScript on the client? The
samples on the WSE 2.0 show .Net clients and I will be using a
browser/JavaScript client. Are any of the features available in WSE 2.0
available to me using JavaScript? What I need are best practices for web
service security.
browser. This JavaScript uses the HttpRequest object that is installed with
Internet Explorer to call the web service using a soap request.
I am now looking at the Web Services Enhancements 2.0 that Microsoft has
released for .Net. This has features to tighten security using X509
certificates, Kerberos, and Username, Password in the soap header. I believe
encryption is part of this as well.
What I need to know is what are my options for tightening security on my web
service and still being able to do this with JavaScript on the client? The
samples on the WSE 2.0 show .Net clients and I will be using a
browser/JavaScript client. Are any of the features available in WSE 2.0
available to me using JavaScript? What I need are best practices for web
service security.