Solved

Web Service Security

Posted on 2006-07-08
4
202 Views
Last Modified: 2010-04-16
Hello, Once i build a web service, i built a windows app that will connect and interface with it.... Now that i have the web service, how can i make the web service application secure?
0
Comment
Question by:kwickway
4 Comments
 
LVL 6

Expert Comment

by:MuhammadAdil
ID: 17067168
0
 
LVL 22

Expert Comment

by:Mohammed Nasman
ID: 17068561
0
 
LVL 96

Expert Comment

by:Bob Learned
ID: 17068976
Use the https: protocol with SSL.

Bob
0
 
LVL 7

Accepted Solution

by:
whatsit2002 earned 250 total points
ID: 17084944
kwickway,

There are two main things you probably need to be concerned with when it comes to web service security. Those are: authentication, and secure transfer of data across "the wire."

The easiest way I have found to implement security on a web service is to use the security features built in to IIS. If you disable anonymous access to the virtual directory that your web service is housed in, and enable basic or integrated security, that will take care of the authentication step. After that, you can achieve secure data transfer by using SSL (also a feature of IIS).

Then, your web service client would create a reference to the web service class like so:

_Ws = new MyServiceWs();
System.Net.CredentialCache cache = new CredentialCache();
System.Net.NetworkCredential cred = new NetworkCredential(username, password, nt_domain);
cache.Add("https://myurl/virtualdirectory/MyServiceWs.asmx", "NTLM", cred);
_Ws.Credentials = cred;

Please note that there is also a third security concern: Authorization. Your application should check to make sure the user is authorized to use the resources they are accessing. However, I don't believe that is what your questions was about. If you would like more information about authorization, please let me know.

Jason
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes a simple method to resize a control at runtime.  It includes ready-to-use source code and a complete sample demonstration application.  We'll also talk about C# Extension Methods. Introduction In one of my applications…
The article shows the basic steps of integrating an HTML theme template into an ASP.NET MVC project
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question